Senior Security Operations Analyst

About The Position

Requirements

• Bachelor’s Degree and five (5) years of experience. Experience should be in a cybersecurity field and should include relevant industry certifications.
• In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required.
• Demonstrated experience with SOC operations, executing security event triaging and tuning.
• Demonstrated experience writing runbooks and support procedures.
• Demonstrated experience executing Monitoring and Response across multiple phases, containment, eradication, and recovery, in a SOC or MSSP environment.
• Demonstrated experience with security event triaging and threat hunting executed through both a SIEM and EDR toolset.
• Hands on experience with at least two of the following Endpoint Detection and Response (EDR) and Security Orchestration Automation and Response solutions.
• CrowdStrike
• Microsoft Defender
• Microsoft Sentinel
• Splunk Enterprise Security
• Demonstrated experience with scripting in at least one language (Python, PowerShell, or equivalent) in a manner that supports automation solutions.
• Excellent written and verbal communication skills.
• Previous experience in technical support or security-focused role.
• Willing and able to work Sunday - Thursday, 8:30am - 5:00pm.
• Must be authorized to work within the United States.

Nice To Haves

• Bachelor’s Degree and seven (7) or more years of experience in cybersecurity with progressive responsibility in SOC, MDR, or MSSP environment.
• Holds at least two relevant industry certifications (GCFA, GCIH, CEH, CISSP, etc.)
• Demonstrated experience communicating and presenting to executive level client stakeholders.
• Technical writing and reporting experience.
• Experience executing initial triaging and response through a SOAR platform.
• Experience with multiple operating systems (Linux, MacOS, Windows), their command lines, processes, and file systems.
• Experience with memory and storage forensics.
• Experience with static and dynamic malware analysis.
• Demonstrated ability to translate complex technical findings into clear, business-relevant narratives for non-technical audiences.
• Experience with data science techniques (clustering, anomaly detection, data normalization, etc.)
• General systems administrator experience.
• Fluency with the MITRE ATT&CK framework as an active investigation and communication tool.
• Experience working in multiple cybersecurity disciplines (i.e. Penetration Testing, Threat, Information Assurance, Engineering, etc.)

Responsibilities

• Live by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House.
• Own investigations end-to-end from initial alert through root cause analysis, attack chain reconstruction, and client-ready written narrative.
• Correlate across SIEM, EDR, and identity telemetry to identify what alerts missed, not just what they flagged.
• Self-assign to difficult, ambiguous, or high-priority work without requiring direction, including work that falls outside defined lanes.
• Support the Security Analyst team with alert triage, classification, disposition, and escalation within SLA requirements.
• Identify and communicate security gaps and mitigations in the context of client environments.
• Communicate proactively with the Security Operations Manager on active threats, escalations, and items requiring leadership visibility.
• Facilitate client-facing meetings including incident briefings, escalation reviews, and threat landscape discussions.
• Produce ticket documentation that requires no editorial cleanup, every ticket must include an evidence trail, analyst reasoning, disposition rationale, and a plain-language client summary
• Remain current on emerging threats, CVEs, and attacker techniques relevant to client environments.
• Support the onboarding of new clients onto NuHarbor Security Services and Platforms.
• Train, mentor, and support junior analysts, including structured coaching on investigation methodology, documentation standards, and client communication.
• Review escalations to clients from junior analysts prior to client delivery, ensuring investigative completeness and documentation quality.
• Develop and refine automation playbooks to reduce alert volume and improve analyst workflow.
• Contribute tuning feedback, noise identification, and alert fidelity assessments to the Detection Engineering program, in coordination with DE leadership.
• Develop recommendations and enhancements to mature a client’s cybersecurity program.
• Coordinate with NuHarbor clients and internal stakeholders during and after incident response activities.

Benefits

• paid time to give back in your community
• generous PTO
• competitive salary and benefits