Cybersecurity Analyst

Graco, Minneapolis, MN (Onsite)

About The Position

Graco manufactures and markets premium equipment to move, measure, control, dispense and spray a wide variety of fluid and powder materials. What does that mean? Well, we pump peanut butter into your jar, and the oil in your car. We glue the soles of your shoes, the glass in your windows and the screen on your phone. We spray the finish on your vehicle, coatings on your pills, the paint on your house and texture on your walls. Graco is part of your daily life.

This role is currently based at our Minneapolis office and will transition to our new headquarters in Dayton, MN, in 2027.

The Security Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats across enterprise environments. This role operates at the intersection of security operations, incident response, automation, and security data analytics, leveraging modern SIEM, SOAR, XDR, and MDR platforms. The analyst will work closely with SOC, cloud, IAM, and engineering teams to improve detection fidelity, accelerate response, and reduce operational risk through automation and AI-assisted security operations.

Requirements

  • 3+ years of experience in Security Operations / SOC / Incident Response
  • Hands-on experience with:
      • SIEM platforms (log ingestion, correlation, alerting)
      • SOAR platforms (playbooks, automation)
      • Incident Response & Digital Forensics
  • Strong hands-on experience with the Microsoft Defender ecosystem:
      • Defender for Endpoint
      • Defender for Office 365
      • Defender for Identity
      • Defender for Cloud Apps
      • Defender for Cloud
  • Experience with Microsoft Sentinel (analytics rules, KQL, workbooks, automation)
  • Experience with one or more Managed Detection & Response (MDR) / XDR platforms, such as:
      • CrowdStrike
      • Rapid7
      • Arctic Wolf
      • or similar enterprise MDR/XDR solutions
  • Solid understanding of:
      • Identity & Access Management (IAM)
      • Cloud Security
      • Endpoint & Email Security
      • Threat Detection & Response Accelerators
  • Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
  • Experience with AI-driven security operations, including:
      • Copilot for Security
      • GenAI-powered SOC tools
      • AI-assisted investigation and response
  • Experience with cloud platforms: AWS, OCI, Azure, or GCP
  • Familiarity with XDR‑native SIEM platforms
  • Scripting or automation experience: Python, PowerShell, KQL, REST APIs
  • Experience with MITRE ATT&CK, NIST CSF, or similar frameworks
  • Relevant certifications:
      • SC-200, SC-100
      • GCED / GCIH / GCIA
      • AZ-500, AWS Security Specialty
      • CrowdStrike, Rapid7, or Sentinel certifications
  • Applicants must be legally authorized to work in the United States.
  • This role is not eligible for immigration sponsorship now or in the future (e.g., H-1B, TN, F-1 OPT).

Responsibilities

Security Operations & Incident Response

  • Monitor and triage security alerts from SIEM, XDR, EDR, and MDR platforms
  • Perform incident investigation, containment, eradication, and recovery
  • Conduct root cause analysis and document incidents, lessons learned, and response improvements
  • Support 24x7 SOC operations (on-call or rotational as required)

Security Analytics & Detection Engineering

  • Develop, tune, and maintain SIEM detection rules, analytics, and dashboards
  • Perform security data analysis across logs, telemetry, and threat intelligence sources
  • Correlate data across endpoints, identities, networks, cloud workloads, and applications
  • Improve signal-to-noise ratio and reduce false positives

SOAR, Automation & AI-Driven Security

  • Design, implement, and optimize SOAR playbooks for alert triage and response
  • Support SOC automation initiatives to reduce manual effort and MTTR
  • Leverage AI-powered security assistants (e.g., Microsoft Copilot for Security or other GenAI tools) to:
      • Accelerate investigations
      • Summarize incidents
      • Enhance analyst productivity
  • Contribute to adoption of AI-driven SIEM/XDR capabilities (added plus)

Forensics & Threat Investigation

  • Perform endpoint, identity, email, and cloud forensics
  • Analyze malware, phishing, and account compromise scenarios
  • Partner with Threat Intelligence teams to track adversary techniques (MITRE ATT&CK)

Collaboration & Continuous Improvement

  • Work with IAM, Cloud Security, Network, and Application Security teams
  • Support continuous improvement of SOC processes, runbooks, and metrics
  • Participate in purple team exercises, tabletop simulations, and post-incident reviews

Benefits

  • Graco offers attractive compensation, benefits and career development opportunities.
  • Graco’s comprehensive benefits include medical, dental, stock purchase plan, 401(k), tuition reimbursement and more.