Skip to main contentA logo with &quat;the muse&quat; in dark blue text.
Newsletter
Expel

Senior Incident Response Analyst

4 days ago Flexible / Remote

You’ve seen it all, or at least enough to know that no two incidents are ever the same. When an intrusion hits, your instinct kicks in: gather the evidence, map the attacker’s path, contain the damage, and help the customer bounce back stronger. You thrive in the chaos of an unfolding incident, and you bring calm, clarity, and technical precision to every situation.

At Expel, our Senior Incident Response Analysts are trusted partners and escalation points for complex investigations. You’ll lead detection, containment, and remediation across diverse environments, from on-prem infrastructure to cloud-native ecosystems. You’ll not only tackle incidents head-on but also help shape how Expel detects and responds to threats at scale.

Want more jobs like this?

Get jobs in Flexible / Remote delivered to your inbox every week.

Job alert subscription

By signing up, you agree to our Terms of Service & Privacy Policy.

This role is part investigator, part mentor, part builder. You’ll guide analysts through incident response, refine our detections and tools, and collaborate with engineering, engagement management, and product teams to drive Expel’s security roadmap forward. You’ll also have a front-row seat to some of the most sophisticated attacker tradecraft out there and the freedom to innovate on how we outsmart them.

What Expel can do for you

  • Lead high-impact investigations and guide customers through containment and remediation.
  • Analyze and interpret complex security data to determine scope, impact, and root cause.
  • Build and refine custom detections across multiple platforms, improving our threat visibility.
  • Translate incidents into proactive strategies to strengthen customer resilience.
  • Mentor SOC analysts and specialists, sharing expertise and raising the team’s bar.
  • Collaborate closely with the Engineering and Product  teams to improve our tooling and response workflows.
  • Participate in 24x7 on-call rotations for major incident handling and escalations.
  • Contribute to Expel’s blog or internal knowledge base to share lessons learned.

What you can do for Expel

  • Surround you with sharp, experienced peers who love learning as much as teaching.
  • Give you exposure to diverse customer environments and attacker tactics.
  • Offer autonomy, flexibility, and trust to experiment, improve, and drive outcomes.
  • Support your continued learning with certifications, conferences, and structured mentorship.
  • Provide transparent pay, flexible work, generous health benefits, and up to 24 weeks of parental leave.

What You Should Bring With You

  • 4–6 years of hands-on experience in security operations or incident response.
  • Advanced network protocol analysis skills (you know TCP/IP inside out).
  • Deep knowledge of Windows internals, forensic artifacts, and live response techniques.
  • Expertise with Linux and macOS command-line tools.
  • Deep experience with EDR, SIEM, and IDS/IPS technologies.
  • Familiarity with cloud investigations (AWS, GCP, Azure) and container security (Kubernetes, Docker).
  • Solid understanding of attacker tradecraft, threat tactics, and MITRE ATT&CK.
  • Bonus points for scripting (Python, PowerShell, Go, or similar).
  • Excellent written and verbal communication where you can turn technical chaos into clear, actionable guidance.

Additional notes

The targeted compensation range for this role is between: $122,400 USD and $177,500 + equity.

We believe in paying transparently and equitably. Your salary will ultimately be based on factors such as your experience, skills, team equity, and market data. You’ll also be eligible for unlimited PTO (which we model and encourage), work location flexibility, up to 24 weeks of parental leave, and really excellent health benefits.

We're an Equal Opportunity Employer: You'll receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

We’ll ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please let us know if you need accommodation of any kind.

#LI-Remote

Salary Range
$122,400$177,500 USD
Client-provided location(s): Flexible / Remote
Job ID: 8236516002
Employment Type: OTHER
Posted: 2025-12-01T18:32:47

Perks and Benefits

  • Health and Wellness

    • Health Insurance
    • Health Reimbursement Account
    • Dental Insurance
    • Vision Insurance
    • Life Insurance
    • Short-Term Disability
    • Long-Term Disability
    • FSA
    • FSA With Employer Contribution
    • Fitness Subsidies
    • Mental Health Benefits
    • Virtual Fitness Classes

  • Parental Benefits

    • Family Support Resources
    • Fertility Benefits

  • Work Flexibility

    • Flexible Work Hours
    • Remote Work Opportunities
    • Hybrid Work Opportunities
    • Work-From-Home Stipend

  • Office Life and Perks

    • Casual Dress
    • Happy Hours
    • Snacks
    • Some Meals Provided
    • Company Outings
    • Holiday Events

  • Vacation and Time Off

    • Paid Vacation
    • Unlimited Paid Time Off
    • Paid Holidays
    • Personal/Sick Days
    • Sabbatical
    • Leave of Absence
    • Volunteer Time Off

  • Financial and Retirement

    • Company Equity
    • Stock Purchase Program
    • Performance Bonus
    • Financial Counseling
    • 401(K) With Company Matching

  • Professional Development

    • Learning and Development Stipend
    • Promote From Within
    • Mentor Program
    • Shadowing Opportunities
    • Access to Online Courses
    • Lunch and Learns
    • Leadership Training Program

  • Diversity and Inclusion

    • Diversity, Equity, and Inclusion Program
    • Employee Resource Groups (ERG)
    • Founder led