Sr. Cybersecurity Operations Analyst - Acton, Mass. or San Diego, CA (Hybrid)
About The Position
Position Overview: We are seeking a highly skilled Senior Cybersecurity Analyst to serve as a senior technical contributor within the Security Operations Center (SOC). This role is intended for an experienced cybersecurity professional who operates at an advanced technical level and provides deep expertise in detection engineering, threat intelligence, defensive security architecture, and complex incident response. The Senior Analyst plays a critical role in strengthening detection capabilities, improving response effectiveness, and proactively identifying and mitigating sophisticated threats across the enterprise.
Requirements
- 7+ years of demonstrated experience in cybersecurity operations, including SOC, detection engineering, or incident response roles.
- Proven expertise with SIEM platforms such as Splunk, QRadar, Microsoft Sentinel, or similar technologies.
- Extensive experience with EDR/XDR platforms such as Microsoft Defender, CrowdStrike, Carbon Black, Sophos, or equivalent.
- Strong background in incident response, including forensic analysis, malware investigation, and root-cause determination.
- Hands-on experience applying penetration testing techniques or supporting red/purple team exercises.
- Advanced understanding of attacker tradecraft, adversary behavior, and kill chain methodologies.
- Experience influencing or designing defensive security architecture across enterprise environments.
- Strong scripting or query skills (e.g., KQL, SPL, Python, PowerShell).
- Excellent analytical, communication, and technical documentation skills.
Nice To Haves
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
- Advanced certifications such as CISSP, GCIA, GCIH, GCED, GCFA, GPEN, GXPN, OSCP, OSCE or equivalent.
Responsibilities
- Lead the design, development, and continuous improvement of detection engineering use cases across SIEM, EDR, and cloud security platforms.
- Develop, tune, and validate detection logic aligned to adversary tactics, techniques, and procedures (TTPs), leveraging frameworks such as MITRE ATT&CK.
- Integrate and operationalize cyber threat intelligence to enhance detection coverage, threat hunting, and incident response prioritization.
- Serve as a technical lead during high-severity security incidents, performing advanced investigation, containment, and remediation activities.
- Conduct proactive threat hunting to identify malicious activity that bypasses automated detections.
- Partner with security engineering and architecture teams to influence and improve defensive security architecture across endpoint, identity, network, and cloud environments.
- Support and participate in penetration testing and purple team exercises, translating offensive findings into actionable defensive improvements and detections.
- Develop and maintain incident response playbooks, detection documentation, and investigative runbooks.
- Provide expert guidance and mentorship to SOC analysts, elevating overall team capability.
- Collaborate with IT, cloud, infrastructure, and application teams to remediate vulnerabilities and reduce systemic risk.
- Contribute to SOC maturity initiatives including automation, tooling optimization, and operational process improvements.
Benefits
- Medical, dental, and vision insurance
- 401(k) with company match
- Paid time off (PTO)
- And additional employee wellness programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
501-1,000 employees
