Senior Security Analyst
About the role
This role combines advanced technical expertise with leadership responsibilities, including coaching analysts, coordinating major incident response activities, and partnering with Security Engineering, Threat Intelligence, Detection Engineering, and Customer Success teams. The ideal candidate has extensive experience investigating endpoint, identity, cloud, and network threats within a 24x7 SOC or MDR environment.
Responsibilities
- Lead complex security investigations involving ransomware, phishing, business email compromise (BEC), insider threats, credential theft, privilege escalation, lateral movement, cloud attacks, and advanced persistent threats (APTs)
- Serve as the technical escalation point for Tier I and Tier II Security Analysts, providing mentorship, coaching, and guidance during high-priority incidents
- Perform advanced incident detection, triage, containment, eradication, recovery, and root cause analysis across endpoint, network, cloud, and identity environments
- Monitor, investigate, and respond to security alerts using SIEM, EDR/XDR, SOAR, and threat intelligence platforms
- Conduct proactive threat hunting using the MITRE ATT&CK Framework, Indicators of Compromise (IOCs), Indicators of Attack (IOAs), and behavioral analytics
- Develop and optimize detection rules, correlation searches, dashboards, and automated response playbooks to improve detection accuracy and reduce false positives
- Analyze security telemetry across Windows, Linux, Active Directory, Microsoft Entra ID, Microsoft 365, Azure, AWS, and network infrastructure
- Utilize enterprise security tools including Microsoft Sentinel, Splunk Enterprise Security, IBM QRadar, Elastic Security, CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Cortex XDR, VMware Carbon Black, Microsoft Defender XDR, CyberArk, SailPoint, Okta, and Microsoft Entra ID
- Investigate endpoint, identity, cloud, email, and network-based attacks using forensic data and security logs
- Partner with Detection Engineering, Threat Intelligence, Security Engineering, and Customer Success teams to continuously improve MDR capabilities
Requirements
- 6-10+ years of experience in Security Operations Center (SOC), Managed Detection & Response (MDR), Incident Response, Threat Hunting, and Cyber Defense
- Experience serving as a technical lead and mentoring Tier I and Tier II Security Analysts
- Deep understanding of the MITRE ATT&CK Framework, Cyber Kill Chain, and the Incident Response lifecycle
- Solid understanding of Windows internals, Active Directory, Microsoft Entra ID, and enterprise authentication
- Strong knowledge of network protocols including DNS, HTTP/S, SMB, LDAP, Kerberos, and TCP/IP
- Hands-on experience with SIEM, EDR/XDR, SOAR, and threat intelligence platforms
- Strong analytical, troubleshooting, and problem-solving skills with the ability to lead complex investigations
- Excellent written and verbal communication skills, including the ability to communicate technical findings to both technical and non-technical stakeholders
Benefits
Benefits that go beyond the basics, we support our people so they can do their best work. ✔ Medical Insurance - Employee + dependents covered ✔ Life Insurance - Protection for what matters most ✔ Retirement Match Program - We invest in your future ✔ Hybrid Work Model - 2-3 days in office ✔ Maternity & Paternity Leave - Time for the moments that matter ✔ Paid Time Off - PTO + sick & casual leave ✔ Bereavement & Volunteer Time - Give back to your community ✔ Professional Development - Reimbursement program ✔ LinkedIn L&D Platform - Thousands of courses at your fingertips ✔ Mobile Phone Reimbursement - Stay connected, on us
Pay
TBD
Schedule
Hybrid Work Model - 2-3 days in office
Skills
None specified
Qualifications
None specified