Incident Response Analyst

Ecobank Ghana PLC

Accra, Greater Accra Region, Ghana · Full Time

Experience: 5–7 yrs
Openings: 1
Posted: 3 hours ago

Job description

Job Purpose

This role is for a cybersecurity specialist who will handle security incidents and suspicious activity such as data loss, system compromise, ransomware, and internal misuse. The work calls for strong investigative ability and advanced analysis to help contain, eliminate, and recover from threats.

Role Context

The incident response function exists to protect the organization’s security posture by managing the aftermath of cyber events. The analyst will assess how severe a threat is, investigate what happened, and help restore systems and services safely and quickly.

Key Responsibilities

  • Act as a senior-level investigator and subject matter expert, using advanced investigation techniques to identify and remove unauthorized or malicious activity from systems, networks, applications, databases, and cloud environments so essential services remain stable and available.
  • Track security alerts and respond to incidents through established workflows, and help design processes where formal procedures are not yet in place.
  • Lead and coordinate incident handling efforts, making sure the right stakeholders are engaged and that response actions are carried out effectively with support from application, network, and service desk teams.
  • Move quickly to contain incidents, limit damage, and carry out recovery actions such as isolating affected assets, stopping malicious behavior, applying patches, and working with technical teams to eliminate root causes and complete remediation.
  • Review alerts from the SIEM and other security sources, then take action according to company security policy.
  • Perform forensic investigations to collect evidence, determine the origin and impact of incidents, and preserve logs and artifacts for response, legal, or regulatory use.
  • Develop security plans, policies, protocols, and training materials that improve the group’s readiness for incident response.
  • Set up communication procedures for use during and after security incidents, both internally and externally.
  • Produce detailed incident reports covering what happened, what actions were taken, and the lessons learned, and share findings with management, IT teams, and outside parties when necessary.
  • Carry out root cause analysis to identify control gaps and partner with engineers to fix the underlying issues.
  • Work with the SOC to define misuse and abuse scenarios for all systems connected to the SIEM.
  • Help the SOC maintain a complete and current asset inventory for the group.
  • Provide forensic and investigation support to Corporate Investigations and Group Audit when required.
  • Improve the incident response process continuously by closing gaps, introducing best practices, and using automation and orchestration tools where useful.
  • Contribute to incident response playbooks, SOPs, and handling guidelines.
  • Decide whether incidents should be closed, held, returned, or escalated based on response outcomes and playbook instructions.

Experience and Qualifications

A suitable candidate should bring 5 to 7 years of practical, professional experience in Incident Response, Security Operations, Software Development, Applications Support, Systems Administration, or Network Design and Implementation. A bachelor’s degree in Computer Science, Information Technology, or a related field is preferred.

Skills, Capabilities, and Attributes

  • Strong command of cybersecurity principles and practices, including programming, networking, operating systems, malware forensics, threat analysis, incident handling, penetration testing, and reverse engineering.
  • Solid understanding of information assurance, threat hunting, system and network analysis, communication protocols, computer/network architecture, and virtual machine technology.
  • Ability to analyze and correlate security data to separate genuine attack indicators from normal behavior.
  • Capability to research malware intelligence and present findings clearly to business leaders and stakeholders.
  • Hands-on experience with security platforms and tools such as SIEM, IDS/IPS, EDR, and network analysis utilities.
  • Professional certifications such as GCIH, CISSP, CySA+, or CEH are strongly preferred.

Location

The position is based in Accra, Greater Accra Region, Ghana.

Application Information

Candidates are expected to submit their application through the online form and complete all required fields before the closing date.

Application deadline: 25 January 2026
