Security Analyst
About The Position
At Bolster, you will help protect global brands from phishing, impersonation, and online fraud campaigns targeting their customers and employees. In this role, you will investigate suspicious domains, websites, and malicious infrastructure, validate emerging threats, and support remediation and takedown efforts. You will work closely with cross-functional teams in a fast-paced environment focused on identifying and disrupting cyber threats. We are seeking a highly motivated and detail-oriented Security Analyst – Threat Hunting / Cybersecurity Analyst to join our growing security team. The ideal candidate has experience in cybersecurity investigations, threat hunting, phishing analysis, and online fraud detection, along with strong analytical and problem-solving skills.
Requirements
- 2+ years of experience in cybersecurity, Trust & Safety, brand protection, threat intelligence, or related security operations roles.
- Well-versed in phishing, impersonation, credential harvesting, and online fraud activity, including investigative and reporting workflows.
- Understanding of internet infrastructure, including domains, DNS, hosting providers, redirects, and attacker infrastructure.
- Knowledge of cybersecurity and fraud detection principles, including common attacker tactics, techniques, and procedures (TTPs).
- Strong analytical and investigative mindset with excellent problem-solving and hypothesis-driven investigation skills.
- Self-motivated and detail-oriented, with the ability to work independently and collaboratively in a fast-paced environment.
- Strong written and verbal communication skills, with the ability to clearly document findings and summarize technical information for internal stakeholders.
- Willingness and flexibility to assist with time-sensitive investigations and critical security incidents as needed.
Nice To Haves
- Experience with OSINT tools and investigative methodologies is preferred.
- Familiarity with threat intelligence platforms, phishing analysis, and abuse reporting processes is a plus.
- Security certifications such as Security+, GSEC, CySA+, or similar are a plus.
Responsibilities
- Proactively conduct threat hunting activities across endpoints, networks, cloud environments, and security platforms.
- Monitor and analyze security alerts from SIEM, EDR, IDS/IPS, and other security tools.
- Investigate suspicious activities, indicators of compromise (IOCs), and potential security incidents.
- Perform incident triage, containment, remediation, and post-incident analysis.
- Develop and refine detection rules, use cases, and threat intelligence correlations.
- Analyze malware, phishing attempts, and attack patterns to identify emerging threats.
- Collaborate with IT, Engineering, and Infrastructure teams to strengthen security controls.
- Document investigations, findings, and remediation recommendations clearly and accurately.
- Support vulnerability management and security assessment initiatives.
- Stay current on cybersecurity trends, threat actors, tactics, techniques, and procedures (TTPs).
Benefits
- Excellent medical, dental, and vision insurance
- Flexible time off + paid holidays.
- Equity + 401(k) plan
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
