Lead Security Incident Response Analyst

As the Lead Incident Response Analyst within Blizzard’s Global Security Operations group, you will lead the charge in Tier 2 and above investigations that revolve around securing our enterprise data and IP assets.  When Sombra comes calling, you’ll be waiting to teach her a lesson. 

You’ll partner across a wide range of security and technology resources to lead the IR process from discovery, to analysis, containment, and eradication.  You’ll be Blizzard’s security incident response leader; responsible for all communication, technical analysis, and forward planning.

In addition, you will maintain the IR documentation, run books, and lead incident response drills.  You’ll also provide regular feedback to the Blue Team to enhance their detective capabilities, and challenge the Red Team to shut down their offensive campaigns.

You’re a communicator who enjoys working with a highly talented, cross functional team, and you’re looking for a serious challenge.


  • Lead the Incident Response team and manage incidents in partnership with departments across the organization
  • Oversee computer forensic investigations from initial detection and triage to resolution
  • Translate technical details pertaining to incident response into consumable elements for non-technical groups
  • Partner with and maintain relationships with external resources that could be associated with incident response
  • Maintain and perform upkeep on the policies, protocols and runbooks associated with the IR team
  • Communicate with and train non-security departments involved with investigations, through a combination of documentation and recurring tabletop exercises and simulations
  • Lead post incident after action reviews
  • Supply enhancements to detection and prevention systems managed by the Blue Team as necessary and collaborate with the Red Team on campaigns they execute
  • Act as a mentor to junior security analysts


  • 5+ years of experience as a security professional or technical role with a heavy emphasis on security & investigations
  • 5+ years of experience in at least two of the following areas: network forensics, operating system forensics, intrusion analysis, malware reverse engineering
  • Ability to write scripts in one or more languages (e.g Python, PowerShell)
  • Awareness and application experience pertaining to the various incident response frameworks (e.g., NIST)
  • Experience leading technical resources (internal or external) performing forensic investigation functions
  • Understanding of chain of custody, legal proceedings and how law enforcement could integrate with an incident response program
  • Outstanding communication capabilities, written and oral, with a knack for delivering presentations to audiences of all technical levels pertaining to IR related activities
  • Bachelor’s degree, or equivalent professional experience
  • Industry certifications (e.g. CISSP, GCIH) are a plus

Meet Some of Blizzard Entertainment's Employees

Ely C.

Lead Environment Artist

As a lead environment artist, Ely guides his team of artists as they flesh out and paint the organic elements that compose the landscapes throughout World of Warcraft.

Ashleigh W.

Prop Artist

Creating props for World of Warcraft means Ashleigh gets to act as an interior decorator for the game—crafting anything the characters would make, from initial concept to completion.

Back to top