Level 3 Digital Forensics and Incident Response Analyst jobs in United States

Allstate · 3 hours ago

Level 3 Digital Forensics and Incident Response Analyst

Allstate is a company that has been protecting families and their belongings for over 90 years. They are seeking a Level 3 Digital Forensics and Incident Response Analyst to join their Global Security Fusion Center team, where the primary focus will be on incident response and digital forensics, leading investigations, and mentoring junior analysts.
Banking, Finance, Financial Services, Insurance, InsurTech, Venture Capital
No H1B

Responsibilities

Lead deep-dive investigations into complex security incidents, tracing attack paths and uncovering root causes
Handle high-severity threats from start to finish — escalating, analyzing, and making sure nothing slips through the cracks
Work side-by-side with engineers to improve detection rules and integrate new tools that make our security smarter and faster
Mentor fellow SOC analysts and act as a go-to person for tough security challenges
Help shape and refine SOC workflows, ensuring our processes are clear, effective, and constantly improving
Dive into large volumes of security data to spot patterns, build custom tools, and uncover hidden threats
Perform network, disk, system files and memory forensic analysis
Collaborate on long-term security strategies, offering ideas to strengthen policies, tools, and infrastructure
Coordinate the collection of evidence and help document findings clearly for both technical and non-technical audiences
Bring deep expertise across areas like forensics, log analysis, incident response, operating systems, and networks
Define and assist in creation of operational and executive reports
Constantly stay connected with teammates and partners to share insights and improve how we respond to threats

Qualification

Incident Response, Digital Forensics, EDR/XDR platforms, SIEM platforms, Scripting, Log Analysis, Threat Detection, Technical Reporting, Communication Skills, Mentoring

Required

7+ years of hands-on experience in Cybersecurity, with 5+ years specifically in Incident Response and/or Digital Forensics
Extensive experience in Incident Response, Incident Handling and Security Operations
Strong knowledge of Windows and Linux internals, including registry, system logs, file systems, and memory structures
Proficiency with EDR/XDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint)
Familiarity with modern forensic tools such as Magnet AXIOM, F-Response, Velociraptor, Autopsy, KAPE, or Eric Zimmerman's tools
Experience with SIEM platforms (e.g., Splunk, Sentinel, Elastic, Chronicle) for threat detection and analysis
Practical knowledge of MITRE ATT&CK and threat actor TTPs
Experience analyzing PCAPs and network traffic using tools such as Wireshark or Zeek
Familiarity with common scripting languages (Python, PowerShell, Bash) for automating investigations and tool integration
Strong written and verbal communication skills, especially in producing high-quality reports and briefings

Preferred

Experience in cloud-native security monitoring and incident response in environments like AWS, Azure, or Google Cloud Platform
Reverse engineering skills or familiarity with dynamic/static malware analysis techniques
Development or tuning of detection rules (e.g., Sigma, Snort, Suricata, YARA)
Experience working in large enterprise or multi-tenant environments
Cybersecurity certifications such as: GCFA, GCIH, GNFA, GREM, GCIA, CISSP, OSCP, or similar
Working knowledge of security frameworks and compliance standards such as NIST 800-61, MITRE D3FEND, ISO 27001, HIPAA, PCI-DSS

Company

Allstate

Allstate is an insurance company that offers car, home, and life insurance services. It is a sub-organization of Allstate.

Funding

Current Stage: Public Company
Total Funding: $500M
2024-06-24 · Post-IPO Debt · $500M
2014-01-13 · Post-IPO Equity
1993-06-11 · IPO

Leadership Team

Jonathan Adkisson
SVP & General Manager - Direct Distribution
Guy Hill
Executive Vice President, Product Management
Company data provided by crunchbase