Security Operations Analyst

Iterable, Boston, MA
$92,000 - $149,000

About The Position

Iterable is the leading AI-powered customer engagement platform that helps leading brands like Redfin, SeatGeek, Priceline, Calm, and Box create dynamic, individualized experiences at scale. Our platform empowers organizations to activate customer data, design seamless cross-channel interactions, and optimize engagement, all with enterprise-grade security and compliance. Today, nearly 1,200 brands across 50+ countries rely on Iterable to drive growth, deepen customer relationships, and deliver joyful customer experiences. Our success is powered by extraordinary people who bring our core values of Trust, Growth Mindset, Balance, and Humility to life. We foster a culture of innovation, collaboration, and inclusion, where ideas are valued and individuals are empowered to do their best work. That's why we've been recognized as one of Inc's Best Workplaces and Fastest Growing Companies, and were recognized on Forbes' list of America's Best Startup Employers in 2022. Notably, Iterable has also been listed on Wealthfront's Career Launching Companies List and has held a top 10 ranking on the Top 25 Companies Where Women Want to Work. With a global presence, including offices in San Francisco, New York, Denver, London, and Lisbon, plus remote employees worldwide, we are committed to building a diverse and inclusive workplace. We welcome candidates from all backgrounds and encourage you to apply. Learn more about our story and mission on our Culture and About Us pages. Let's shape the future of customer engagement together!

How you will make an impact

We are seeking a detail-oriented and process-driven Security Operations Analyst to join our Security Engineering team. This role is best suited for a junior-level individual with some experience who is looking to transition into a mid-level security operations role.

The ideal candidate is ready and excited to become a critical part of maintaining our daily security posture through consistent operational execution, including alert triage, incident coordination, vulnerability and threat monitoring, and validation of detection coverage. This is a critical, hands-on security operations role and the primary operational resource supporting our Security Engineering team. Success hinges on a disciplined approach to daily execution, making this the perfect role for a process-driven individual eager to master foundational security operations and make a measurable impact on our security posture. Because this is a hands-on security operations role, your day-to-day tasks require exceptional attention to detail, comfort with repetitive workflows, and an ability to strictly follow defined runbooks and standard operating procedures (SOPs). Candidates who are disciplined, reliable, and motivated by doing foundational security operations well are encouraged to apply. The willingness to learn new concepts and convey them clearly to stakeholders is not only required but encouraged, as is maintaining an open mind about different methods of accomplishing a goal.

Requirements

  • 2+ years of experience in a Network Operations Center (NOC), Security Operations Center (SOC), or Digital Forensics and Incident Response (DFIR) capacity, or in a Tier 2/3 IT administrative support role, with a focus on transitioning fully into security
  • Hands-on experience with SIEM / EDR platforms and ticketing workflows
  • Proven ability to strictly follow detailed procedures and runbooks with precision and provide feedback and constructive criticism of processes that can be improved upon with the wider team
  • Strong analytical and pattern-recognition skills with comfort reviewing large volumes of logs and alerts with minimal assistance
  • Working knowledge of security fundamentals: network protocols, common attack techniques, authentication/authorization, and cloud IAM basics
  • A strong desire to learn and grow in a technical field with specific tools and processes
  • Basic knowledge of several different OS types and corporate environment architecture and network structures

Nice To Haves

  • Knowledge of cloud-native environments (AWS, GCP, Azure) and modern production systems
  • Experience with CI/CD pipelines, containerized environments, or cloud identity controls
  • Basic exposure to purple-team exercises or functions: understanding commands at the operating-system level and how they are identified and perceived by both systems and responders
  • Ability to perform basic threat intelligence tasks, such as researching industry-standard practices and trending threats
  • Basic to intermediate understanding of programming logic in common practical languages and how it relates to security incidents
  • Demonstrated consistency in high-discipline, process-driven roles with a focus on keeping operations running
  • Stays up to date with technical education and emerging threats, detection methods, security concepts, and conferences, with a general understanding of the field and a desire to learn more and grow
  • Security-focused and cloud operations certificates are appreciated but not required; we strongly encourage you to learn what you can on your own and bring that knowledge back to the team
  • Familiarity with cloud-native tooling and its function across personal, small-business, and large-enterprise use
  • A home-lab environment for testing the competencies listed above

Responsibilities

  • Alert Triage & Queue Management: Perform initial investigation, data enrichment, and escalation of alerts and tickets generated by the SIEM, SOAR, EDR, IDS, and other monitoring tools
  • Case Escalation: Identify alerts and situations requiring escalation to the Security on-call
  • Incident Coordination: Maintain accurate and timely incident records in the security incident record-keeping software, including identifying ownership, tracking timelines, posting status updates, and ensuring retrospective remediation tasks are captured in the relevant ticketing platforms
  • Coordinate communication for containment and remediation steps with relevant teams (engineering, security, support, etc.)
  • Conduct detection validation, verifying false positives and adding research for alerts to tickets before escalation to senior security engineers
  • Case Documentation: Ensure investigation notes, follow-ups, retrospective analysis, and action items are consistently documented, logged, and tracked to completion
  • Perform unsupervised investigation of lower-severity incidents or exploratory cases to determine their significance
  • Stay up to date with trending cybersecurity topics and their application to the enterprise
  • Follow the escalation protocol, based on defined criteria, for the entire Security Engineering team, and assist as necessary by providing evidence for any changes that are required
  • Understand the differences between detection, threat hunting, and threat intelligence, and their individual roles in a security program
  • Act as a bridge between Security Operations and Engineering by helping translate threat research into clear, actionable deliverables with guidance from senior team members
  • Provide concise and continuous feedback on detections and their importance to the program, and identify areas of improvement in the operational portion of the workload
  • Perform vulnerability management triage, including enrichment of findings, prioritization guidance, and escalation of actionable issues
  • Investigate and validate vulnerabilities, leaked secrets, and suspicious activity surfaced by scanning tools
  • Support Security Risk Register entries, including evidence collection, submission tracking, and recurring validation
  • Maintain security tooling hygiene by performing test scans, verifying dashboard integrity, confirming detection visibility, and ensuring findings flow properly to downstream systems with minimal guidance
  • Assess potential issues in system operational health and provide quick write-ups of the actions observed and their outcome, to help the Security Engineering team quickly and efficiently identify incident-worthy events
  • Act as an operational stakeholder and maintain accountability for day-to-day security operations by identifying outages, missing information, incorrect detections, and low-level system health events
  • Coordinate external penetration testing engagements, including scheduling, data gathering, and issue tracking, and ensure remediation tasks are properly logged and followed through with validation
  • Maintain a high degree of professionalism in all external communication and technical testing, whether in conjunction with internal Iterable teams or with external teams that require assistance under our Service Level Agreements

Benefits

  • Competitive salaries, meaningful equity, & 401(k) plan
  • Medical, dental, vision, & life insurance
  • Balance Days (additional paid holidays)
  • Fertility & Adoption Assistance
  • Paid Sabbatical
  • Flexible PTO
  • Monthly Employee Wellness allowance
  • Monthly Professional Development allowance
  • Pre-tax commuter benefits
  • Complete laptop workstation
© 2024 Teal Labs, Inc