Senior Associate, Security Operations

Andersen, Los Angeles, CA

About The Position

Andersen’s information security function is expanding, and this role sits at the operational core of that effort. The Senior Associate, Security Operations serves as the firm’s internal hub for day-to-day security operations, owning the relationship with our managed detection and response provider, triaging and coordinating incident response, managing security vendor relationships, and executing client security due diligence. This role requires a candidate who is equally comfortable analyzing a threat escalation and drafting a vendor risk assessment. The Senior Associate reports to the Head of Security Engineering & Architecture, with dotted-line accountability to the Senior Manager, Governance, Risk & Compliance for client diligence and vendor risk. After-hours availability is a firm requirement of this role; high-severity incidents do not observe business hours.

Requirements

  • 5+ years of experience in security operations, incident response, or a closely related discipline
  • Bachelor’s degree in Information Security, Computer Science, or a related field
  • Demonstrated experience triaging and coordinating incident response, including hands-on involvement during active security events
  • Ability to execute, test, and improve IR playbooks, evaluating their effectiveness and driving meaningful enhancements, not just following them
  • Working familiarity with managed detection and response services, including how to interpret their outputs and manage them as an operational partner
  • Experience managing vendor relationships in a security context, including SLA oversight and contract coordination
  • Experience with client security due diligence, including responding to security questionnaires and third-party assessments
  • Technical fluency across core security domains: endpoint security, network fundamentals, log analysis, and threat detection
  • Proficiency with enterprise security tooling including SIEM, EDR, and ticketing platforms
  • Working knowledge of AI-enabled threat vectors, including AI-augmented social engineering, adversarial AI agent activity, and the security risks introduced by citizen developer platforms and unsanctioned AI tool adoption within the enterprise
  • Strong written communication skills; able to produce clear incident reports and professional client-facing responses under time pressure
  • Availability and willingness to respond to high-severity incidents outside of business hours

Nice To Haves

  • Relevant certification in incident handling or security analysis (e.g., GCIH, GSEC, GSOC)
  • Background in professional services or consulting, where security posture directly impacts client relationships
  • Familiarity with SOC 2 or ISO 27001 control environments and how security operations intersect with compliance requirements
  • Exposure to threat intelligence platforms or processes
  • Familiarity with AI security risk frameworks such as NIST AI RMF or MITRE ATLAS, and practical exposure to assessing risks from AI agent deployments and employee use of generative AI tools

Responsibilities

  • Serve as the firm’s internal incident response coordinator, working alongside the managed detection and response provider during active security events
  • Execute, test, and continuously improve IR playbooks through regular tabletop exercises, lessons learned, and evolving threat intelligence
  • Coordinate internal stakeholder communication during incidents, escalating at appropriate severity thresholds
  • Produce post-incident reports that are clear, factual, and actionable for both technical and executive audiences
  • Serve as the primary day-to-day liaison to the firm’s MDR provider; review threat reports, detection summaries, and alert trends, and hold the provider accountable to SLAs
  • Triage MDR escalations – assess severity, validate findings, and initiate the appropriate internal response workflow
  • Coordinate detection rule tuning and alert threshold adjustments to reduce false positives and improve signal quality
  • Maintain a working knowledge of the MDR’s detection logic and coverage gaps, flagging concerns proactively to the Head of Security Engineering & Architecture
  • Execute responses to client security questionnaires and due diligence requests accurately and on time, drawing on the response library maintained by the Senior Manager, GRC
  • Ensure questionnaire responses reflect the firm’s current control posture and active certifications, escalating discrepancies or coverage gaps immediately
  • Manage the intake and tracking of diligence requests, flagging new or unusual questions to the Senior Manager, GRC to drive updates to the approved response framework
  • Support the Head of Security Engineering & Architecture in day-to-day security operations, including vulnerability management tracking and remediation follow-up
  • Manage operational relationships with security technology and service vendors, tracking contract terms, renewal dates, and SLA performance
  • Partner with the Senior Manager, GRC on vendor risk assessments, ensuring reviews are completed on schedule and findings are tracked to remediation
  • Maintain operational documentation including runbooks, contact trees, and escalation procedures
  • Contribute to security awareness initiatives and serve as a resource for internal teams with security-related questions
  • Identify and assess security risks introduced by AI-assisted attacks, including AI-augmented phishing, deepfake-based social engineering, and adversarial use of AI agents; incorporate AI threat scenarios into tabletop exercises and ongoing IR playbook updates
  • Monitor for security exposure from internal use of unsanctioned AI tools and citizen developer platforms, coordinating with the Senior Manager, GRC to ensure shadow AI risks are tracked and escalated appropriately

Benefits

  • medical
  • dental
  • vision
  • basic life insurance
  • 401(k) plan
  • paid time off
  • twelve paid holidays