Senior Security Analyst

About The Position

Requirements

• 5+ years in information security or security operations
• Hands-on SIEM experience with query writing, detection building, and alert tuning
• Strong working knowledge of cloud security concepts and services (AWS preferred; GCP and Azure also considered)
• Proficiency working with logs across endpoint, cloud, network, identity, and application sources
• Understanding of CI/CD pipelines and IaC (Terraform, CloudFormation) from a security perspective
• Solid grasp of Windows, macOS, and Linux internals — processes, persistence mechanisms, and attacker TTPs
• Demonstrated IR experience, including leading or contributing to investigations
• Familiarity with data normalization, log parsing, and ETL concepts
• Strong written and verbal communication skills

Nice To Haves

• Experience with log routing, transformation, and enrichment
• Hands-on experience with an enterprise EDR/XDR platform and its ecosystem tooling — SOAR, exposure management, and identity protection
• Experience with network security tools and interpreting proxy or web traffic logs
• Background in a regulated industry (financial services, healthcare) with familiarity with NIST CSF, GLBA, or FFIEC
• Scripting or automation experience (Python, Bash) for detection engineering, workflow automation, and version-controlled code in GitHub
• Relevant certifications: CISSP, GCIH, GCIA, GCED, CEH, GDSA, or equivalent
• Detection as Code experience using version-controlled detection content
• Exposure to identity security tooling

Responsibilities

• Build, tune, and maintain detection rules and alerts in our SIEM, writing queries to identify threats and coverage gaps aligned to MITRE ATT&CK
• Own incident response execution end-to-end — containment, eradication, recovery, and lessons learned — including forensic log analysis and post-incident reporting
• Monitor and investigate security events across endpoints, cloud (AWS), identity, and network telemetry — identifying misconfigurations, anomalous activity, and suspicious behavior
• Assist with security audits and regulatory examinations, ensuring timely and accurate security documentation and evidence is provided
• Analyze systems, applications, and networks for security configurations in partnership with security engineers.
• Manage log pipelines including ingestion, parsing, normalization, and enrichment to ensure high-fidelity data is available for detection and investigation
• Triage and prioritize vulnerability findings using risk-based frameworks and track remediation SLAs with IT and Engineering
• Collaborate with Engineering on IaC and CI/CD security reviews, and contribute to runbooks and playbooks
• Perform all other duties as assigned

Benefits

• Competitive compensation based on experience, geographic location, and role
• Medical, Dental, Vision, Life, 401k Matching, and other wellness benefits, including FSA, HSA and HRA
• Paid parental leave
• Flexible vacation policy, including PTO and paid holidays