Incident Response Analyst

Full Time
Lehi, UT
Areas of Interest: Incident Response

Ancestry is seeking a passionate and talented Incident Response Analyst to join our Incident Response Team, a critical part of our world-class Information Security function. This is a technical, hands-on role that will work with a variety of security tools and technologies protecting enterprise and production environments.

The successful candidate will be responsible for handling the entire lifecycle of security incidents from detection to resolution and root cause analysis. You will be responsible for managing and escalating security incidents, in both Ancestry’s production and enterprise environments, in accordance with Ancestry’s Incident Response plan.

You will report to Ancestry’s Incident Response Team lead and will have scope to shape and improve Ancestry's comprehensive incident response stack. This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with security in its DNA.

What You Will Do:

  • Analyze a large volume of security event data from a variety of sources with the goal of identifying suspicious and malicious activity.
  • Identify, track and report network intrusions using multiple cyber technologies.
  • Triage and analyze real-time data feeds (such as system logs and alerts) for potential intrusions.
  • Create documentation regarding the identification, analysis and remediation of security threats and incidents.
  • Perform follow-up analysis throughout the incident lifecycle, and complete projects and tasks associated with security monitoring, detection, and incident response.
  • Author and implement original detection rules for various monitoring systems on the basis of current threats and vulnerabilities.
  • Build and maintain custom security detection logic to analyze and correlate information to produce meaningful and actionable results.
  • Participate in an on-call rotation to provide 24x7 incident response coverage.
  • Develop custom tools to detect malicious activity at the user, host, and network levels, either as stand-alone tools or as prototypes of more complex solutions.


  • Working towards a B.S. in Computer Science or related field with at least 1-2 years’ experience working on information security projects or an internship.
  • Strongly driven by learning new technologies.
  • Excellent troubleshooting skills – ability to review an incident, provide a recommended action to fix the issue, and document the steps taken to achieve the resolution.
  • Experience with activities related to Incident Response and Intrusion Detection.
  • Experience in process automation in a security environment.
  • Ability to work both independently with little supervision and in a team environment.
  • Ability to work closely with and collaborate with other security professionals to develop incident response plans and procedures.
  • Ability to operate effectively and efficiently in a high-demand environment.
  • Excellent communication skills, capable of working with cross-functional technical and business teams and varying levels of management, in a professional manner.
  • Desire to find efficiencies and automate detection, analysis, and remediation.
  • Knowledge of the latest attack trends, tools and the threat landscape.
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
  • Knowledge of common web and system security vulnerabilities and remediation techniques (OWASP top-10, etc.).
  • Strong understanding of Linux, Windows, or Mac system internals and security controls.

Preferred Qualifications:

  • Technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
  • Knowledge of common threat hunting tools and technologies.
  • Familiarity with Amazon Web Services (AWS) products and security controls.
  • Programming experience in one or more modern languages such as Python, Ruby, Perl, PowerShell, C, C++, C#, or Java.
  • Experience with ServiceNow or other inventory/change management system is a plus.

Additional Information

We’re a cutting-edge tech company with a very human mission—to help every person discover, preserve, and share the story of what led to them. Combining the rich information in family trees and historical records with the genetic details revealed in DNA, we create unique experiences that give people a new understanding of their lives, because connecting all the pieces of our family story can give us the deepest sense of who we are.

For more information on what we do and why you would want to work at Ancestry, visit our careers

Ancestry is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Ancestry via e-mail, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Ancestry. No fee will be paid in the event the candidate is hired by Ancestry as a result of the referral or through other means.

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.




Ancestry is the global leader in family history and consumer genomics, harnessing a powerful combination of information, science, and technology to develop new experiences to help everyone, everywhere discover the story of what led to them. Ancestry offers a suite of family history products and services including AncestryDNA, Archives, ProGenealogists, and Fold3.

AncestryDNA is the world's largest consumer genomics database providing consumers insights into their ancestral origins. The service enables customers to not only uncover their ethnic mix and rich family stories, but discover distant relatives with a common ancestral match, and help solve the toughest family mysteries.

Ancestry by the numbers:
  • Since 1996, more than 20 billion records have been added, and users have created more than 80 million family trees on the Ancestry flagship site and its affiliated international websites.
  • More than 4 million people genotyped in the AncestryDNA database.
The company has more than 1,400 employees in locations across the globe. Headquartered in Utah, Ancestry has offices in San Francisco, Dublin, London, Sydney, Munich, and Stockholm.

There’s power in knowing who you are and where you come from. This is the driving force behind everything we do. We’re passionate about using technology to create simple, useful, and delightful experiences that enrich lives and connect families. We’re continually looking for talented, hard-working individuals who are passionate about bringing this mission to life.

Consumer genomics, Family history, Data science, and Handwriting recognition
Company Type: Privately Held