Acronis is a global leader in cyber protection, delivering natively integrated solutions that monitor, control, and protect the data that businesses and lives depend on. Driven by our passion to protect every workload, we’ve built the industry’s only all-in-one cyber protection platform. We are looking for a Senior MDR Analyst to join us in protecting the digital world.

The Senior MDR Analyst leads the investigation and resolution of complex EDR/XDR incidents within the Acronis MDR service. This role focuses on advanced threat analysis, autonomous decision-making on remediation strategies, and delivering strategic guidance to customers, while driving continuous service improvement across the MDR pipeline.

The analyst will partner with the AI engineering team to architect and refine automated triage and Agentic AI capabilities within the MDR workflow, and will mentor junior and mid-level analysts to elevate overall team capability. This is a leadership-track role, with opportunities to shape detection engineering strategy, drive proactive threat hunting initiatives, and influence the evolution of the MDR service.

Responsibilities

Lead investigation of complex EDR/XDR incidents, ensuring accurate triage, root cause analysis, and severity assessment
Design and execute advanced remediation strategies including workload isolation, threat containment, and recovery coordination
Mentor junior and mid-level analysts, conducting case reviews and knowledge-sharing sessions
Drive collaboration with AI engineering to architect automated triage, correlation, and response workflows
Handle escalated incidents end-to-end, making autonomous decisions on response actions and customer communication
Own development and continuous improvement of playbooks, automation rules, and detection logic across the MDR pipeline
Communicate proactively with customers via email and phone, providing strategic recommendations and post-incident reviews
Track emerging threat landscape, attacker tradecraft, and translate intelligence into actionable detection improvements
Work 5-day/8-hour schedule, with flexibility for morning or afternoon shifts and weekend coverage, acting as escalation point during critical incidents

Requirements

3–6 years of experience in SOC, MDR, or security operations, with demonstrated progression in incident handling complexity
Deep expertise in EDR/XDR operations, threat hunting, and end-to-end incident response workflows
Advanced knowledge of attacker TTPs, MITRE ATT&CK framework, and ability to map real-world incidents to techniques systematically
Expert-level log analysis in Kibana or equivalent, capable of rapid correlation across multiple data sources under pressure
Hands-on experience building or optimizing workflows in security tools (EDR, SIEM, SOAR) with proven contributions to automation and process improvement
Ability to independently drive investigations, make judgment calls on ambiguous cases, and document findings to a reproducible standard
Strong communication skills with experience delivering technical and executive-level updates to customers via email and phone
Strong analytical mindset with attention to details and ability to coach others on investigative rigor

WHO WE ARE

A Swiss company founded in Singapore in 2003, Acronis offers over twenty years of innovation with 15 offices worldwide and more than 1800 employees in 50+ countries. Acronis Cyber Protect is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.

Our corporate culture centers on innovation, accountability, and impact. We encourage our people to think boldly, challenge conventional approaches, and take ownership of outcomes. As a member of our global “A-Team,” you’ll operate in a high-growth, fast-paced environment where resilience, adaptability, and a commitment to continuous improvement drive success.

OUR INTERVIEW PRACTICES

To ensure a fair and genuine hiring process, candidates are expected to participate in interviews without the use of AI tools, automated prompts, or third-party assistance. Interviews are designed to assess individual skills, experience, and communication style and we value authentic, real-time interaction.

Use of AI or external assistance during live interviews may result in disqualification. For roles where AI skills are being evaluated, permitted use of AI tools will be clearly communicated in advance. Candidates may be asked to disable virtual backgrounds or participate in in-person interviews. All employment offers are contingent upon successful completion of applicable criminal, education and identity background checks

Acronis is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, marital status, national origin, physical or mental disability, medical condition, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, gender identity or expression, or any other characteristic protected by applicable laws, regulations and ordinances.

#L1-WC1

Security

Senior MDR Analyst (L3)

Please note that the application process will be managed on our partner website, Workday, which will require you to log in or create an account.