Jobs · Information Technology · California

Senior Security Operations Analyst

Crexi · Los Angeles, CA · 1 wk ago
On-siteInformation Technology$148k–$201k/yrFull-time

About the role

The Senior Security Operations Analyst is Crexi’s primary internal security practitioner, responsible for day-to-day security operations, threat detection and response, and maintaining a strong security posture across the organization. Reporting to the Director, Information Technology, this role serves as the internal first line of defense for security events, protecting company systems, endpoints, identities, and data against evolving threats.

Responsibilities

  • Monitor and triage security alerts, serve as the first internal escalation point for managed SOC vendors, investigate flagged incidents, and maintain accurate, timely incident logs.
  • Manage endpoint security tooling, administer EDR and MDM platforms, enforce policy compliance across employee devices, and remediate vulnerabilities identified through scans or alerts.
  • Owns identity and access management (IAM) policy, access review design and audit reporting.
  • Runs the phishing simulation and security awareness program, schedules and manages campaigns, tracks completion rates, reports results to leadership, and follows up with repeat offenders or high-risk user groups.
  • Supports SOC 2 evidence collection, pulls logs, screenshots, and control artifacts on a recurring cadence to support corporate-side controls for audit and compliance readiness.
  • Maintains security documentation, keeps runbooks, incident response procedures, and access control policies current, accurate, and accessible.
  • Partners with IT and engineering on security architecture reviews, vulnerability management, and secure configuration standards to reduce attack surface.
  • Supports vendor and third-party security assessments, including reviewing security questionnaires and tracking remediation commitments.
  • Tracks and reports key security metrics, alert volumes, mean time to respond, endpoint coverage, phishing click rates, and open vulnerabilities, on a recurring basis to the Director, IT.
  • Leverages AI-assisted threat detection and SIEM analytics to improve alert fidelity, reduce noise, and surface high-priority incidents faster.
  • Evaluates and pilots AI-powered security tools (e.g., AI-assisted SOAR, behavioral anomaly detection) to augment manual investigation workflows and accelerate response.

Qualifications

  • Strong working knowledge of security operations concepts: threat detection, incident response, vulnerability management, and identity and access control.
  • Hands-on experience with EDR platforms (e.g., CrowdStrike), MDM tools, and SIEM or log management platforms.
  • Familiarity with IAM principles and tools (e.g., Azure AD / Entra ID), including SSO, SCIM, and privileged access management.
  • Working knowledge of SOC 2 trust service criteria and the practical evidence collection requirements for a corporate IT environment.
  • Strong written communication skills, able to produce clear incident reports, runbooks, and executive-facing security summaries.
  • Detail-oriented and organized, with the ability to manage multiple open incidents, tasks, and recurring compliance obligations simultaneously.
  • Collaborative approach to working with cross-functional stakeholders including IT, engineering, legal, and HR.
  • Self-starter who operates with a high degree of ownership and escalates appropriately when uncertainty or risk warrants it.
  • Familiarity with AI/ML-assisted security tooling and an understanding of how AI both augments defensive capabilities and introduces new risk vectors to the environment.

Similar jobs

Senior Security Analyst

YardiSanta Barbara, CA· 1 wk ago
Information Technology$98k–$110k/yrapply on careers.yardi.com