AI and Automation Analyst

MUFG•Jersey City, NJ

1d•Hybrid

About The Position

As an AI and Automation Analyst, you will support the development and continuous improvement of threat detection, security monitoring content, and automated response capabilities within the Security Operations Center and Incident Response services. This role is ideal for an early‑career cybersecurity professional with an interest in AI, automation, and detection engineering. You will work alongside senior SCRAT engineers, SOC analysts, and incident responders to help design, tune, and operationalize detections and workflows aligned to frameworks such as MITRE ATT&CK and the cyber kill chain. The role emphasizes hands‑on learning, structured execution, and incremental ownership of automation and AI‑assisted use cases that improve analyst efficiency and security outcomes.

Requirements

Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Data Analytics, or a related field, or equivalent practical experience.
Foundational understanding of security monitoring concepts, including SIEM, alerting, and incident handling workflows.
Familiarity with security frameworks such as MITRE ATT&CK and high‑level stages of the cyber kill chain.
Interest in or introductory experience with automation, scripting, APIs, or low‑code/no‑code platforms.
Basic understanding of AI or machine learning concepts (e.g., what LLMs are used for, supervised vs unsupervised learning), with interest in applying them responsibly in security operations.
Strong analytical and problem‑solving skills, with the ability to break down ambiguous security problems into actionable tasks.
Ability to document work clearly and follow established processes and operating procedures.

Nice To Haves

Exposure to cloud, endpoint, network, or application security concepts is a plus but not required.
Relevant coursework, labs, internships, or certifications (e.g., Security+, SANS fundamentals) are beneficial but not mandatory.

Responsibilities

Support the development, testing, and tuning of security monitoring use cases and detections aligned to MITRE ATT&CK and identified threat behaviors.
Assist in building and maintaining automated workflows within SOAR and low‑code platforms to enrich alerts, reduce manual effort, and support consistent response actions.
Help implement AI‑assisted capabilities such as alert enrichment, case summarization, anomaly flagging, or investigation support under senior guidance and established governance.
Perform analysis of security events and alert data to validate detection logic and identify false positives, gaps, or automation improvement opportunities.
Collaborate with SOC, Incident Response, Threat Intelligence, and Forensics teams to ensure detections and automations align with operational needs and response procedures.
Contribute to documentation, playbooks, and runbooks related to detections, automations, and monitoring workflows.
Support basic reporting and metrics related to detection coverage, alert quality, and automation effectiveness.
Stay current on emerging threats, attack techniques, and automation trends relevant to detection engineering and SOC operations.