Senior Cybersecurity Operations Analyst

Versant Health
Troy, NY
$138,000 - $154,000

About The Position

The Senior Cybersecurity Operations Analyst supports and advances the organization’s Information Security program by protecting the enterprise against evolving cyber threats. This role is responsible for leading incident response activities, investigating and analyzing security events, optimizing security controls, and collaborating cross‑functionally to strengthen the organization’s overall security posture. The Senior Cybersecurity Operations Analyst provides hands‑on technical leadership through proactive threat hunting and the continuous enhancement of detection and response capabilities. This position contributes to the ongoing evolution of Versant Health’s cybersecurity operations by leveraging leading security technologies, partnering with internal stakeholders, and staying current on emerging threats and attack methodologies.

Requirements

  • Bachelor's degree required
  • 5+ years of experience in cybersecurity, with a strong focus on security operations and incident response
  • Deep hands‑on experience administering and maintaining SIEM, EDR, and related security tools
  • Strong understanding of networking concepts, TCP/IP, Active Directory, DNS, DHCP, and network defense technologies
  • Proficiency with Windows, Linux, and macOS operating systems
  • Experience with cloud security platforms (e.g., AWS, Azure)
  • Knowledge of secure engineering principles and technical security testing methodologies.

Responsibilities

Security Hygiene & Control Validation

  • Routinely audit and validate security control coverage (e.g., XDR, ZTNA, DLP) to ensure tools are operating effectively and protect 100% of intended assets.
  • Partner with the SOC to ensure log integrity across security and non-security systems; validate alert scope, fidelity, and thresholds.
  • Monitor the health and performance of security tools, performing root cause analysis when agents fail or policies are not properly applied.

Incident Response, Event Monitoring, & Threat Hunting

  • Serve as the Tier 2 escalation point for the SOC and lead the full incident response lifecycle, from containment through recovery.
  • Conduct proactive threat hunting using threat intelligence, SOC findings, and behavioral analysis to identify threats that bypass automated controls.
  • Analyze threat intelligence to inform defensive strategies and continuously improve detection capabilities.
  • Collaborate with the SOC to develop, refine, and maintain incident response playbooks aligned to business context.
  • Monitor and analyze security alerts from SIEM, EDR, and other tools to identify and respond to potential threats.
  • Implement and enforce security controls, policies, and procedures to protect organizational assets.

Blue, Red, and Purple Team Activities

  • Lead the development and execution of recurring security wargames, including scenario design and cross-functional participation.
  • Actively participate in and lead blue team activities focused on defensive security, detection, and incident response.
  • Collaborate in purple team exercises to validate detection and response effectiveness against real-world attack scenarios.
  • Participate in internal red team exercises, penetration tests, and simulated attacks to identify security gaps and control weaknesses.
  • Perform adversary emulation by modeling tactics, techniques, and procedures (TTPs) of known threat actors.
  • Share insights, lessons learned, and intelligence across teams to continuously improve security posture.
  • Use findings from offensive testing to optimize SIEM rules, EDR/CASB/SWG policies, firewall configurations, and other security controls.

Security Tool Management

  • Configure, maintain, and optimize a broad portfolio of security technologies, including:
      • Security Information and Event Management (SIEM): Log aggregation, correlation, tuning, and alerting.
      • Endpoint Detection and Response (EDR): Threat detection and response across endpoint environments.
      • Attack Surface & Exposure Management (ASM/AEM): Continuous discovery and prioritization of vulnerabilities and exposures.
      • Cloud Access Security Broker (CASB): Enforcement of security controls for cloud applications and services.
      • Secure Web Gateway (SWG): Inspection of web traffic and protection against web-based threats.
      • Data Loss Prevention (DLP): Design, implementation, and management of policies to prevent unauthorized data exfiltration across endpoints, networks, and cloud environments.

Security Operations & Support

  • Respond to and resolve security-related tickets and user inquiries.
  • Provide guidance and best practice recommendations to end users and IT partners.
  • Troubleshoot security tool issues and perform root cause analysis.

Documentation, Reporting, & Communication

  • Create and maintain detailed documentation for incident response procedures, security tool configurations, and security advisories.
  • Generate and present reports on security incidents, trends, and overall security posture to management.
  • Communicate clearly and effectively with stakeholders during and after security incidents.

Mentorship & Collaboration

  • Serve as a mentor to junior analysts, providing technical guidance, coaching, and training.
  • Actively solicit feedback from peers and partners to improve operational effectiveness and team maturity.
  • Support special projects and other duties as assigned.

Benefits

  • We offer a comprehensive and competitive total rewards package designed to support your health, financial well‑being, and work‑life balance. Benefits include medical, dental, and paid vision coverage; paid time off and company holidays; retirement savings with employer contribution; employee wellness resources; and professional development opportunities. Additional benefits may include flexible work arrangements, employee assistance programs, and other programs that support you both at work and beyond.
© 2024 Teal Labs, Inc