Lead Analyst, Cybersecurity

AGCO
Duluth, GA
Remote

About The Position

We are seeking an experienced Lead Security Operations Analyst to join our Security Operations Center (SOC). This is a hands-on technical leadership role responsible for driving operational excellence across security monitoring, incident detection, response, and threat hunting. In this role, you will serve as a senior escalation point for complex security incidents while providing technical leadership and mentorship to SOC analysts. You will play a critical role in strengthening detection capabilities, improving response outcomes, and advancing automation and maturity within the security operations program. This position is ideal for a senior analyst who enjoys remaining deeply technical while influencing how security operations are performed at scale.

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience).
  • 4–5+ years of progressive experience in security operations, incident response, or detection engineering.
  • Experience with cybersecurity incident response, endpoint security, SOC management, and Linux operating systems.
  • Experience acting as an escalation lead or incident commander for high-severity incidents.
  • Progressive experience across cloud, network, endpoint, or identity security domains.
  • Hands-on experience building detections, dashboards, or automations using SIEM and SOAR platforms.
  • Strong scripting or automation skills (e.g., Python, PowerShell, Bash).
  • Solid understanding of core security principles such as defense in depth, least privilege, secure defaults, and separation of duties.
  • Experience participating in real-world incident response and/or threat hunting activities.
  • Strong communication skills with the ability to explain technical issues to non-technical stakeholders.
  • Advanced incident response and investigation skills across cloud, endpoint, network, and identity environments.
  • Strong detection engineering mindset with the ability to translate threats into high-fidelity alerts.
  • Proficiency in scripting and automation to enhance SOC efficiency.
  • Solid understanding of attacker tactics, techniques, and procedures (TTPs) and security frameworks (e.g., MITRE ATT&CK).

Responsibilities

  • Lead and oversee 24x7 SOC operations, ensuring consistent monitoring, triage, and response to security events.
  • Serve as the primary escalation point for high-severity and complex security incidents.
  • Coordinate incident response activities across IT, Cloud, Network, Legal, and Business stakeholders.
  • Execute and continually improve incident response playbooks and runbooks.
  • Conduct post-incident reviews to identify gaps, lessons learned, and improvement opportunities.
  • Develop, maintain, and optimize SIEM detections and dashboards to improve signal quality and coverage.
  • Build and enhance SOAR playbooks and automations to reduce mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR).
  • Troubleshoot detection failures, false positives/negatives, performance issues, and tool integrations.
  • Contribute to security tooling strategy, rationalization, and roadmap planning.
  • Perform proactive threat hunting to identify adversary behavior and emerging risks.
  • Translate threat intelligence and attack techniques into actionable detections.
  • Continuously evaluate SOC processes, tools, and workflows to improve efficiency and effectiveness.

Benefits

  • Health care and wellness plans
  • Dental and vision plans
  • Flexible and virtual work options (where available)
  • 401(k) Savings Plan with company match
  • Employee Stock Purchase Plan offering eligible employees the ability to purchase AGCO stock at a discounted price
  • Paid holidays and paid time off
  • Health savings and flexible spending accounts
  • Reimbursement for continuing education
  • Life insurance and other supplemental insurance plans
© 2026 Teal Labs, Inc