Security Analyst

About The Position

Requirements

• Bachelor's Degree or equivalent

Nice To Haves

• Experience contributing to security operations, incident response, or threat detection in an enterprise environment.
• Hands‑on experience with security monitoring and analysis across: Endpoint (EDR/XDR), Identity (IAM, Active Directory, Entra ID), Network and firewall technologies, Cloud platforms and SaaS environments
• Leading incident response to malware, phishing, ransomware, cloud compromise, and identity attacks
• Familiarity with SIEM platforms, alert triage, case management, and log correlation.
• Writing and tuning detection queries using KQL, SPL, or similar languages.
• Understanding of common attacker techniques, malware behavior, and modern threat trends.
• Scripting or query experience using PowerShell, Python, or similar languages.
• Strong analytical and problem‑solving abilities with attention to detail.
• Ability to prioritize and manage multiple investigations simultaneously.
• Clear, concise written and verbal communication skills.
• Confidence making remediation and containment recommendations based on risk.
• Self‑motivated, organized, and comfortable working with minimal supervision.

Responsibilities

• Investigate and respond to security events and incidents across endpoint, identity, network, application, cloud, and SaaS environments.
• Lead or support Tier 2/3 incident response, including containment, eradication, recovery, and post incident analysis.
• Correlate multi-source telemetry (SIEM, EDR/XDR, cloud, identity, email, threat intelligence) to determine root cause, scope, and impact.
• Provide clear, timely incident updates and risk assessments to technical teams and stakeholders.
• Conduct proactive, hypothesis-driven threat hunting aligned to MITRE ATT&CK and current adversary tradecraft.
• Analyze emerging threats, attacker behavior, and indicators relevant to the enterprise environment.
• Improve detection capability by partnering with detection engineering to enhance coverage, fidelity, and reduce noise.
• Investigate threats related to cloud workloads, SaaS platforms, and identity systems.
• Analyze and respond to identity compromise, privilege abuse, misconfiguration, and unauthorized access scenarios.
• Support implementation and validation of modern, Zero Trust-aligned security controls.
• Drive improvements in detection, response, and analyst workflows through automation and process optimization.
• Evaluate and operationalize new security technologies and capabilities.
• Maintain accurate, defensible documentation of incidents and recommend enhancements to playbooks and procedures.
• Partner with infrastructure, cloud, application, and identity teams to remediate issues and reduce risk.
• Act as a technical resource for analysts and contribute to knowledge sharing and team development.
• Communicate complex security concepts clearly to both technical and non-technical stakeholders.

Benefits

• Hybrid Working – a mix of working from home and in the office
• 22 weeks of paid leave for family growth, with 12 weeks available to all parents on a gender-equal basis
• Competitive 401(k) program with company match up to 8%
• Well-being program including holistic wellbeing coaching, gym membership, confidential counselling, financial and legal advice
• Tuition Reimbursement for professional certifications, and continuing education
• Employee Network and Community – QBE actively supports six Employee Networks, and many ways to give back to your community