Jobs · Information Technology · Florida

Sr. IS Analyst - Security Operations

Franklin Templeton · St. Petersburg, FL · 2 wk ago
Information Technology$115k–$135k/yrFull-time

Core Objective

The role is responsible for leading SOC investigations, incident response, containment, and remediation while improving detection coverage, response effectiveness, threat hunting outcomes, and SOC operational maturity.

What is the Security Operations Center (SOC) responsible for?

The SOC is responsible for continuously monitoring and improving the organization’s security posture by preventing, detecting, analyzing, and responding to cybersecurity incidents using security tools, threat intelligence, defined processes, and operational response capabilities.

Role Scope

Independently monitor, triage, investigate, and respond to security alerts and incidents while coordinating containment, remediation, and escalation activities. The role is expected to handle most day-to-day SOC investigations, improve detection quality, contribute to threat hunting, maintain strong case documentation, and provide guidance to analysts when required.

Role Summary

The role is responsible for advanced security monitoring, investigation, and incident response in a 24x7 SOC environment. It requires strong analytical thinking, evidence-based investigation, and the ability to correlate activity across endpoints, network, identity, email, cloud, applications, and enterprise security tools. The role contributes to SOC maturity by improving detection rules, use cases, escalation logic, playbooks, investigation guides, and response documentation. It also supports threat hunting, post-incident reviews, stakeholder communication, and remediation tracking to strengthen the organization’s overall detection and response posture.

What You Will Add Value

  • Maintain and improve SOC playbooks, runbooks, standard operating procedures, knowledge articles, investigation guides, and response documentation.
  • Support analysts through investigation guidance, knowledge sharing, and review of incident handling quality.
  • Collaborate with security engineering, infrastructure, application, cloud, identity, and business teams to support investigation, containment, remediation, and control improvement.
  • Track remediation actions with responsible teams and ensure incident-related risks, findings, and corrective actions are addressed in a timely manner.
  • Conduct threat hunting using threat intelligence, indicators of compromise, behavioral patterns, attack techniques, and frameworks such as MITRE ATT&CK.
  • Review, tune, and improve SIEM, EDR, XDR, and related detection rules, correlation logic, alert thresholds, and monitoring use cases to improve detection accuracy and reduce false positives.
  • Identify gaps in logging, monitoring, alerting, detection coverage, escalation, and response processes, and recommend practical improvements.
  • Prepare clear incident reports, investigation summaries, escalation notes, and stakeholder communications for technical and non-technical audiences.
  • Perform detailed investigation of suspicious activity across endpoints, network, identity, email, cloud, applications, and other enterprise security technologies.
  • Validate alerts, determine scope and impact, identify affected users, systems, accounts, and data, and distinguish true positives from false positives.
  • Lead and support incident response activities across the incident lifecycle, including detection, analysis, containment coordination, remediation tracking, recovery support, and closure documentation.
  • Perform root cause analysis for security incidents and document evidence, timeline, impact, actions taken, remediation recommendations, and lessons learned.

Qualifications

  • Educational background in Cybersecurity, Computer Science, Information Technology, Engineering, or a related discipline, preferably with cybersecurity-focused coursework, specialization, or practical security exposure.
  • 4-7 years of hands-on experience in SOC, security operations, incident response, threat detection, security monitoring, or related cybersecurity operations roles.
  • Strong hands-on experience with SIEM and EDR/XDR platforms, including alert investigation, log analysis, case handling, incident scoping, and evidence collection.
  • Strong understanding of security operations concepts, including alert triage, incident response, threat detection, attack techniques, networking fundamentals, operating systems, identity security, cloud security, and core security principles.
  • Experience improving detection rules, correlation logic, alert quality, use cases, monitoring coverage, and false positive reduction.
  • Practical knowledge of MITRE ATT&CK, threat intelligence, indicators of compromise, attacker behavior, and common threat hunting approaches.
  • Familiarity with common security frameworks and control references such as NIST, CIS, and related industry practices.
  • Exposure to cloud environments, identity and access technologies, email security, network security, endpoint security, threat intelligence, ticketing systems, or security analytics platforms.
  • Basic scripting or automation exposure using Python, PowerShell, APIs, JSON, REST, or similar technologies is a plus, especially for investigation support and operational efficiency.
  • Strong attention to detail, structured thinking, ownership, curiosity, and ability to manage multiple concurrent incidents in a 24x7 operating environment.
  • Effective written and verbal communication skills with the ability to document findings clearly, explain technical observations, and collaborate with stakeholders and leadership.

Benefits

Franklin Templeton offers a comprehensive Total Rewards package designed to support your well-being and recognize your time, talents, and results. Highlights include:

  • Paid Time Off: Three weeks of PTO in your first year
  • Health Coverage: Competitive medical, dental, and vision insurance
  • Retirement Savings: 401(k) plan with an 85% company match on pre-tax and/or Roth contributions, up to IRS limits
  • Equity & Investing: Employee Stock Investment Plan (ESIP) with discounted share purchase opportunities
  • Learning Education Assistance Program (LEAP): To support your ongoing growth and career advancement
  • Career Development Programs
  • Reimbursement for Certain Education Expenses
  • Paid Time Off (vacation / holidays / sick / leave / parental & caregiving leave / bereavement / volunteering / floating holidays)
  • A motivational wellbeing program
The annual salary for this position ranges between $115,000 – $135,000, depending on location and level of relevant experience, plus discretionary bonus.

Schedule & Location

This role will work a hybrid schedule in the St. Petersburg, FL office, 3 days/week.

Similar jobs

Sr. Security Analyst

Motion RecruitmentAtlanta, GA· 5 days ago
$42.1–$47.1/hrapply on motionrecruitment.com

Sr. Security Analyst

NLB ServicesAtlanta, GA· 1 wk ago
Information Technologyapply on www2.jobdiva.com

Sr. Security Analyst

Horizontal TalentAtlanta, GA· 1 wk ago
Information Technologyapply on horizontaltalent.com

Sr. Security Analyst

LippertUnited States· 2 wk ago
RemoteInformation Technologyapply on careers.lippert.com

Sr Security Analyst

QuickbaseBoston, MA· 1 wk ago
Information Technology$91k–$144k/yrapply on quickbase.wd504.myworkdayjobs.com