Staff Analyst, Information Security

Analog Devices•Wilmington, MA

About The Position

We’re looking for a Senior SOC Analyst with strong Cyber Threat Intelligence (CTI) expertise to elevate our detection and response capabilities. In this role, you’ll drive operational excellence through intelligence‑led threat hunting, advanced investigations, and strategic incident response leadership. As a player‑coach, you’ll lead complex investigations, mentor analysts, and strengthen our SOC through improvements in detection engineering, CTI integration, and automated response. You’ll work across teams, communicate clearly with both technical and executive stakeholders, and help protect critical business assets through proactive, intelligence‑driven defence.

Requirements

Bachelor’s degree in computer science, Cybersecurity, or a related technical field or equivalent industry experience in a global enterprise.
Minimum 5+ years of experience in SOC operations, incident response (IR), cyber threat intelligence (CTI), or detection engineering roles.
Advanced knowledge of SIEM (preferably Azure Sentinel), EDR/NDR, and cloud security platforms (e.g., Microsoft Defender suite, O365, Azure).
Expertise in CTI analysis, including threat actor profiling, malware analysis, and TTP tracking.
Proficiency in scripting and automation using Python, PowerShell, or Bash to streamline SOC workflows.
Hands-on experience with MITRE ATT&CK, SOAR, and forensic tools for incident response and threat detection.

Nice To Haves

Professional certifications such as GCTI, GREM, GCIH, GCIA, CISSP, or CEH.
Cloud security certifications (e.g., Azure Security Engineer, AWS Security Specialist).
Knowledge of compliance frameworks like PCI-DSS, HIPAA, or GDPR.
Experience with vulnerability management platforms (e.g., Tenable, WIZ) and governance frameworks (e.g., SAML, OAuth, CSA).

Responsibilities

Lead complex investigations into APTs, ransomware, insider threats, and other advanced adversarial activities affecting the organization.
Collect, analyze, and operationalize CTI from OSINT, commercial feeds, ISACs, and internal telemetry to enhance detection and response capabilities.
Create and present detailed intelligence assessments and executive briefings for both technical and non-technical audiences.
Track and profile threat actor TTPs using frameworks like MITRE ATT&CK to pre-empt emerging risks.
Develop and maintain advanced detection logic using SIEM, EDR, and cloud-native tools to ensure comprehensive coverage.
Conduct proactive threat hunting to identify and mitigate undetected or emerging threats.
Design and implement automated containment workflows, such as device isolation, email purging, and session revocation.
Maintain the incident response plan, ransomware decision framework, and other key operational templates.
Publish and help manage SOC KPIs/OKRs, such as MTTD/MTTR, false positive rates, and detection coverage metrics.
Oversee MSSP/vSOC partners, ensuring maximum value and alignment with detection and response strategies.