Analyst - Incident Response
Bengaluru, KA, IN
Dover is a diversified global manufacturer with annual revenue of over $8 billion. We deliver innovative equipment and components, specialty systems, consumable supplies, software and digital solutions, and support services through five operating segments: Engineered Products, Clean Energy & Fueling, Imaging & Identification, Pumps & Process Solutions and Climate & Sustainable Technologies. Dover combines global scale with operational agility to lead the markets we serve. Recognized for our entrepreneurial approach for over 60 years, our team of approximately 24,000 employees takes an ownership mindset, collaborating with customers to redefine what's possible. Headquartered in Downers Grove, Illinois, Dover trades on the New York Stock Exchange under "DOV." Additional information is available at dovercorporation.com.
Designation: Analyst - Incident Response
Experience: 3-8 Years
Education: B.E
Location: Bangalore
Roles & Responsibilities:
- Monitor and triage security alerts from SOC tools and escalate incidents as required.
- Perform end-to-end incident investigation and response, including detection, containment, eradication, and recovery.
- Conduct timeline analysis using EDR tools (CrowdStrike) to identify attack vectors and impacted systems.
- Analyze logs and create queries in Splunk (SIEM) for threat detection and correlation.
- Perform email header analysis for phishing, spoofing, and email-based threats.
- Investigate incidents involving:
  - Data exfiltration / data loss
  - Financial fraud (customer/vendor/banking interactions)
  - Zero-day threats
  - Copyright infringement
- Assess incident impact, severity, and business risk.
- Document incidents with clear evidence, findings, and recommendations.
- Collaborate with IT, Cloud, and Network teams for remediation and recovery.
- Contribute to improving IR playbooks and SOC processes.
- Maintain accurate and timely incident documentation within incident management systems.
Must have skills:
- EDR: CrowdStrike (event timeline analysis, RTR experience)
- SIEM: Splunk (log analysis, query writing)
- Cloud Security: AWS, Azure, O365 log analysis
- Email Security: Email header and phishing analysis
- Networking: DNS, DHCP, OSI model, TCP/IP
- Security Tools: Firewalls, IDS/IPS, WAF, Proxy
- Frameworks: Cyber Kill Chain / MITRE ATT&CK
Preferred Certifications:
- Certifications: CEH, GCIH, GCIA, Security+, CCNA
- Exposure to threat intelligence platforms
Required Experience:
- Total Experience: 5 Years
- SOC Monitoring: 1–3 Years
- Incident Response: 2 Years
We consider several job-related, non-discriminatory factors when determining the pay rate for a position, including, but not limited to, the position's responsibilities, a candidate's work experience, a candidate's education/training, the position's location, and the key skills needed for the position. Pay is one of the Total Rewards that we provide to compensate and recognize employees for their work. All qualified applicants will receive consideration for employment without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other factors prohibited by law.
Job Segment:
Cloud, Sustainability, Environmental Engineering, Network, Cisco, Technology, Energy, Engineering