Jobs · Information Technology · California

Security Operations Analyst II

Prometheus Real Estate Group · San Mateo, CA · 1 mo ago
Information Technology$105k–$135k/yrFull-time

About the role

The IT Team is seeking a Security Operations Analyst II to lead in-depth investigations and incident response to escalated events and be involved in security-based projects as well as manage security solutions/systems.

Responsibilities

  • Lead investigations for escalated incidents such as account compromises, endpoint malware, suspicious network activity, and SaaS misuse.
  • Correlate data across SIEM/XDR, identity/SSO, endpoint/EDR, network, and cloud/SaaS logs to build attack timelines, identify entry vectors, and assess lateral movement.
  • Coordinate containment and remediation with Infrastructure/IT—disabling or recovering compromised accounts, isolating infected endpoints and removing malware, validating EDR coverage and system integrity, and confirming cleanup success.
  • Produce clear, audit-ready incident documentation detailing scope, evidence, actions, timelines, decisions, and resolution rationale.
  • Act as an escalation point for the Service Desk and junior analysts, provide real-time guidance, and apply chain-of-custody and evidence-preservation practices for high-severity events, maintaining case files with hashes, screenshots, and IOC/IOA sets.
  • Tune and improve detections, automate repetitive workflows, and drive incident response improvements.
  • Refine existing rules and propose new use cases based on investigations and recurring patterns; enrich cases with threat intelligence (IOCs and TTPs) and incorporate those learnings into future detections and playbooks.
  • Contribute and evolve response playbooks for major incident types (account compromise, endpoint malware, SaaS abuse, suspicious network activity), participate in post-incident reviews with root-cause analyses and practitioner-level technical narratives, and recommend prioritized, practical prevention and mitigation improvements.
  • Conduct targeted threat hunts (e.g., OAuth abuse, living-off-the-land binaries, credential-stuffing against legacy protocols), define and track alert-quality KPIs (true/false positive ratios, suppression coverage), and collaborate to improve MTTD/MTTR.

Requirements

  • Bachelor’s Degree in the field of Computer Science, technology, or a related area with a master’s degree preferred.
  • 2–5 years in Security Operations or Infrastructure/IT Operations with a security focus.
  • 2+ years Windows/sysadmin experience; macOS/Linux a plus.
  • 2+ years core networking (IP, DNS, ports, VPN, firewalls).
  • Hands-on experience with SIEM/XDR, EDR, identity/SSO, and cloud/SaaS logs.
  • Able to read Windows event logs, perform basic endpoint triage, and apply MITRE ATT&CK for triage.
  • Strong written/verbal communication and incident leadership skills.
  • CompTIA Security+ required and other security certifications preferred.

Qualifications

  • Experience with SIEM/XDR, EDR, identity/SSO, and cloud/SaaS logs.
  • Ability to correlate data across multiple log sources.
  • Experience with incident response and containment.
  • Knowledge of MITRE ATT&CK framework.
  • Strong communication and leadership skills.

Skills

  • SIEM/XDR, EDR, identity/SSO, and cloud/SaaS logs.
  • MITRE ATT&CK framework.
  • Incident response and containment.
  • Threat hunting and analysis.
  • Communication and leadership skills.

Benefits

We offer a variety of benefits that take compensation well beyond a paycheck. This includes traditional benefits and benefits you might not expect or know about. The salary range provided is based on a number of factors, including location, job-related skills, experience, and qualifications. Compensation Pay Range: $105,000.00 to $135,000.00 per yearDiscretionary Annual Bonus Plan Benefits & Perks Medical; Vision; Dental:100% Company-paid plans (including eligible dependents) and affordable buy-up optionsLife Insurance; Accidental Death & Dismemberment Insurance; Long Term DisabilityBehavioral Health Program Accessible 24/7Tax-Free Flexible Spending Accounts401(K) Retirement Plan with Employer MatchingRecognition & Rewards Program (Torch)Vacation: 10 days per year with accrual increase overtimeAnniversary Vacation: 40-hour Vacation Granted at Tenured MilestonesSick Leave: 9 days per year12 paid holidays, including your birthday!Paid Volunteer TimeTenure-based Housing discountsEducational Assistance, Tuition ReimbursementReferral BonusHybrid Work Schedule

Similar jobs

Security Analyst II

CyderesUnited States· 6 days ago
RemoteInformation Technologyapply on jobs.lever.co

Security Analyst II

Lucid SoftwareRaleigh, NC· 5 days ago
Information Technologyapply on job-boards.greenhouse.io

Security Analyst II

Lucid SoftwareSalt Lake City, UT· 5 days ago
Information Technologyapply on job-boards.greenhouse.io

Security Analyst II

PBSAlexandria, VA· 5 days ago
Information Technology$155k–$165k/yrapply on vhr-pbs.wd115.myworkdayjobs.com

Security Analyst II

Foresite CybersecurityOverland Park, KS· 1 mo ago
Information Technologyapply on careers.foresite.com