IT Security Operations Analyst

Cary Oil Co Inc, Cary, NC

About The Position

This role serves as the internal bridge between the business and its managed security partners, owning day-to-day security operations across Arctic Wolf (SOC-as-a-Service), Huntress, and SentinelOne endpoint platforms. The Security Operations Analyst is responsible for ensuring the effectiveness, coverage, and continuous improvement of endpoint protection, detection, and response capabilities. This individual plays a critical role in triaging security events, reducing alert noise, and coordinating timely response actions across internal stakeholders and external partners.

Requirements

  • 2-4 years of experience in Information Security, Security Operations, or IT Security
  • Direct experience with EDR platforms (SentinelOne and/or Huntress preferred)
  • Experience working with or alongside managed SOC/MDR providers
  • Strong ability to triage and prioritize security alerts
  • Familiarity with endpoint security tools and alert management workflows
  • Understanding of incident response fundamentals
  • Ability to translate technical security issues to non-technical stakeholders
  • Strong organizational and critical thinking skills

Nice To Haves

  • Working knowledge of Arctic Wolf, Microsoft 365, Entra, or similar platforms
  • Exposure to AWS environments and cloud security concepts
  • Familiarity with security frameworks (NIST, CIS)
  • Experience in environments with third-party SOC or MDR providers
  • Strong attention to detail and operational ownership
  • Analytical mindset with sound judgment
  • Ability to manage multiple priorities
  • Collaborative and team-oriented
  • Clear written and verbal communication

Responsibilities

  • Serve as the primary liaison to Arctic Wolf, managing escalations, tuning alert fidelity, and ensuring SLA adherence.
  • Administer and optimize Huntress and SentinelOne deployments – including agent health, coverage gaps, policy configurations, and exclusion management.
  • Triage and respond to incidents surfaced by the third-party SOC, coordinating containment and remediation with internal stakeholders.
  • Refine detection rules, dashboards and reporting to reduce noise and surface high-signal alerts.
  • Review and action Arctic Wolf tickets and Huntress/SentinelOne findings daily.
  • Maintain endpoint scanner coverage across the environment, tracking and resolving unmanaged or unhealthy agents.
  • Partner with IT and business teams to ensure security tooling does not disrupt operations.
  • Document incidents, response actions, and lessons learned.
  • Gain exposure to secure AWS architectures, including governance guardrails and scalable security patterns.
  • Support secure standards for cloud modernization, application migrations, and cloud-native development.
  • Participate in security reviews and continuous posture improvement efforts.
  • Support enterprise security policies, standards, and control frameworks aligned to NIST and CIS benchmarks.
  • Assist with control assessments, evidence collection, and audit readiness activities.
  • Partner in remediation tracking and risk communication efforts.
  • Assist in maintaining Microsoft 365 and Entra security baselines, including MFA and Conditional Access.
  • Support identity governance and least privilege enforcement.
  • Gain exposure to identity integrations and access control models.
  • Manage security for enterprise data platforms and SaaS integrations.
  • Assist in monitoring and protection of data access and usage patterns.
  • Partner with technology and business teams to support secure operations.
  • Communicate security issues in clear, business-relevant terms.
  • Contribute to documentation, reporting, and continuous improvement efforts.