Job Description
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information across enterprises, governments, and consumers. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend harnesses AI to protect organizations and individuals across clouds, networks, devices, and endpoints. The Trend Vision One™ enterprise cybersecurity platform accelerates proactive security outcomes by predicting and preventing threats across the entire digital estate and environments like AWS, Google, Microsoft, and NVIDIA. Proactive security starts here. TrendMicro.com Location: This is a hybrid role with a minimum in-office requirement of 3 days per week in the Las Colinas, Texas office located at 225 E John W Carpenter Fwy #1500, Irving, TX 75062. The cybersecurity industry is at an inflection point. As adversaries evolve and detection demands accelerate, 24/7 security monitoring is transforming from reactive alert processing into intelligent, customer-centric threat defense. You'll join our Global Managed Detection & Response (MDR) team at exactly the right moment: when AI-driven alert triage and anomaly detection are enabling analysts to identify genuine threats faster, reduce false positives and focus on what matters most: knowing our customers deeply, protecting them completely and being the team they trust without question. About The Role In this role, you're not just responding to breaches. You're the person customers rely on when it matters most. You'll build trusted relationships with enterprise customers, translate complex threat data into intelligence that drives decisions, and lead organisations through their most critical security moments with clarity and control. Working alongside AI systems that accelerate your investigative capabilities, you'll compress detection times from hours to minutes and deliver insights that turn incidents into lasting security improvements. Every forensic analysis you conduct, every malware sample you dissect, and every recommendation you make leaves customers measurably harder to compromise than before you arrived. As an Incident Response Analyst, you'll investigate sophisticated security breaches, lead containment under pressure and become the person enterprise customers trust when everything is on the line. You'll be the critical link between TrendAI Vision One™ and customer recovery, operating across global threat operations where seconds matter, relationships are everything and AI amplifies what you're already capable of. You will also play an active role in shaping how AI transforms incident response. That means contributing to automation initiatives, stress-testing AI-driven workflows and helping define how our analysts and AI systems work together to respond faster, investigate deeper and protect more effectively at scale. The analysts who join us now are not just using the tools. They are helping build them. Core Responsibilities Forensic Investigation: Conduct root cause analysis of security breaches; determine attack vectors, scope and business impact with precision and accountability. Incident Response: Lead containment and threat eradication using TrendAI Vision One™, coordinating across internal teams and customer stakeholders from first alert to resolution. Threat Analysis & Detection: Analyze malware and threat components; develop and refine detection rules; generate threat intelligence and IoCs. Customer Reporting: Create executive-ready incident reports; deliver briefings to stakeholders; recommend security improvements. Proactive Threat Operations: Hunt for advanced threat indicators across customer networks; improve detection logic and fidelity. AI Orchestration: Contribute to automation and AI initiatives that compress response times, reduce analyst burden, and sharpen the overall quality of MDR delivery. Required Qualifications Bachelor's degree in Computer Science, Cybersecurity, Information Security, or related field 3+ years in security operations with demonstrated expertise in: Incident response and forensics; Malware analysis and threat investigation; SOC operations or security monitoring. Technical Competencies AI in Practice: Familiarity with how AI and automation are reshaping incident response workflows, from alert triage to forensic analysis. Curiosity about where it's going matters as much as where you are today. OS & Network Forensics: Advanced Windows and Linux forensics (registry, event logs, artifacts, filesystem analysis). Forensics Tools: SIFT Workstation, WinPMEM, dd/dclfdd, Autopsy, Volatility Framework, FTK Imagerm Wireshark, Bro/SiLK, Netflow, tcpdump – or