Jobs · Information Technology · Florida

Senior Cybersecurity Analyst

TENEX.AI · Sarasota, FL · 3 wk ago
On-siteInformation TechnologyFull-time

Key Responsibilities

  • Threat Monitoring & Detection
  • Perform triage, investigation, and correlation of security events to determine the severity and impact of potential threats.
  • Leverage Google Chronicle's capabilities for threat intelligence and log analysis, enhancing visibility and providing insights into potential security incidents.
  • Apply AI to identify patterns, anomalies, and behaviors indicative of potential security incidents, reducing false positives and improving detection accuracy.
  • Participate in on-call rotations and team scheduling for critical security incidents as needed.
  • Incident Response & Analysis
  • Investigate and analyze security incidents and breaches, leveraging AI to automate initial analysis and enhance threat hunting efforts.
  • Respond to security incidents following established procedures, including containment, eradication, and recovery actions.
  • Conduct root cause analysis and forensic investigations to understand attack vectors and recommend mitigation strategies.
  • Utilize Google SecOps and Chronicle's advanced tools to centralize security data, correlate events, and accelerate incident response workflows.
  • Apply machine learning algorithms to identify emerging threats and trends, providing actionable insights for incident response.
  • Google SecOps & Chronicle Integration
  • Work with Google SecOps platform tools to streamline security operations, improve threat visibility, and automate workflows.
  • Collaborate with IT, Security, and Data Science teams to integrate Google Chronicle’s capabilities into the SOC, enhancing threat detection and incident resolution.
  • Optimize Google Chronicle for log management, threat hunting, and advanced analytics.
  • Security Automation
  • Develop and maintain automated workflows for common security incidents, leveraging AI for intelligent decision-making and faster response times.
  • Automate routine SOC tasks such as log analysis, incident classification, and threat intelligence enrichment using Google SecOps and Chronicle integrations.
  • Reporting & Documentation
  • Create detailed reports on incidents and threat intelligence summaries integrating AI-driven findings and insights.
  • Prepare regular performance and security posture reports for internal stakeholders, highlighting key AI-driven improvements and threat mitigation outcomes.
  • Generate and present reports on threat trends, and SOC operations for internal stakeholders and customers.
  • Provide recommendations for security improvements and contribute to SOC playbook development.
  • Collaboration & Knowledge Sharing
  • Work closely with cross-functional teams (e.g., IT, Customer Success, Engineering) to promote and improve AI-driven security initiatives and improve the customers' overall security posture.
  • Share knowledge of AI-powered security techniques and Google SecOps tools with SOC team members to enhance their capabilities in threat detection and incident response.

Qualifications

  • Education: Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience.
  • Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.
  • Experience: 4+ years of experience in a Security Operations Center (SOC) or a similar security-focused role.
  • Hands-on experience with security analytics, log management, threat hunting, and incident response.
  • Interest in applying automation and/or artificial intelligence and machine learning techniques to cybersecurity tasks, such as threat detection, anomaly detection, and security automation.
  • Technical Skills: Strong understanding of cybersecurity concepts and frameworks (e.g., NIST, Mitre, ISO, Killl Chain).
  • Experience with tools for cybersecurity, such as intrusion detection systems (IDS), SIEM tools, and security automation platforms.
  • Proficiency in scripting languages (e.g., Python, PowerShell) for automation and integration.
  • Knowledge of security technologies such as firewalls, endpoint protection, IDS/IPS, and threat intelligence platforms.
  • Soft Skills: Strong analytical and problem-solving skills.
  • Excellent communication skills for interacting with internal teams and external customers.
  • Ability to work under pressure in a fast-paced, dynamic environment.
  • Preferred Skills: Experience with security orchestration, automation, and response (SOAR) platforms.
  • Exposure to cloud security platforms (e.g., AWS, Azure, Google Cloud) and the associated risks.
  • Practical experience working with Google SecOps tools and Chronicle for centralized threat intelligence and event correlation a plus.
  • Hands-on experience with the Microsoft security platform (Sentinel, Defender) is a plus.

Similar jobs