Sr. Security Analyst
Lippert · United States · 1 wk ago
RemoteRemoteInformation TechnologyFull-time
About the role
The Senior Security Analyst is responsible for protecting the organization's information assets by proactively identifying, analyzing, and responding to security threats and vulnerabilities. This role requires advanced technical expertise, excellent analytical skills, and the ability to collaborate with various teams to ensure a strong and resilient security posture. The Senior Security Analyst will also provide guidance and mentorship to junior security team members.
Responsibilities
- Threat Detection & Incident Lifecycle Management - Lead end-to-end incident response by correlating multi-platform telemetry, coordinating cross-functional war rooms, mapping adversary behavior to MITRE ATT&CK, and delivering executive-level risk and impact reporting.
- Privileged Access Management (PAM) & Identity Threat Protection - Administer and mature enterprise PAM controls by enforcing secrets rotation, eliminating stale and orphaned privileged identities, and aligning identity governance to NIST, ISO 27001, and CIS standards.
- AI Security & Detection Engineering - Establish AI Security guardrails for safe adoption of AI models within the organization. This includes public AI models and homegrown agentic AI models. Threat Detection & Response using AI - Leverage embedded or custom AI agents to drive threat detection and response at scale. Implement SOAR to enhance signal-detection automation.
- Cloud & SaaS Security Operations - Secure cloud and SaaS environments by monitoring identity anomalies, enforcing DLP and Conditional Access policies, and strengthening cloud governance and threat visibility controls.
- Metrics, Reporting & Governance - Produce executive-ready security metrics and compliance evidence while continuously improving MTTD, MTTR, identity risk indicators, and overall detection quality aligned to NIST CSF.
- Other duties as assigned.
Qualifications
- Education - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline (or equivalent experience).
- Experience - 5+ years in security operations, red team/blue-team functions, incident response, privileged access management, and identity threat protection. Experience in global enterprise environments preferred.
- Technical Toolkit - Hands-on experience with platforms that support the following: Endpoint Detection Response, Identity Protection, SIEM, PAM, Data Loss Prevention, Email Security, SOAR platforms, securing AI systems by protecting models and training data, implementing governance safeguards to ensure resilient, compliant, and auditable AI operations.
- Framework Fluency - Working knowledge of NIST CSF 2.0, MITRE ATT&CK, ISO 27001, and CIS Critical Security Controls.
- Certifications (Anyone) - CISSP, CEH, CAISP, GCIA, GCED, CySA+, Azure Security Engineer, PAM related certifications, cloud security certifications or equivalent.