About the Role
The analyst will triage security alerts, perform initial investigations, and escalate incidents as needed while following defined procedures to maintain organizational security posture.
Responsibilities
- Monitor security alerts across networks and systems
- Identify and categorize potential security threats
- Conduct initial analysis of suspicious activities
- Follow incident response playbooks for common threats
- Document findings and actions in security systems
- Escalate complex incidents to higher-tier analysts
- Maintain up-to-date knowledge of threat intelligence
- Support log collection and retention processes
- Verify security tool functionality and coverage
- Participate in routine security operations meetings
- Assist in vulnerability scanning coordination
- Report on daily security event trends
- Validate alert accuracy to reduce false positives
- Apply security policies to detected incidents
- Collaborate with IT teams during investigations
- Update runbooks based on operational feedback
- Track incident lifecycle from detection to closure
- Perform basic forensic data gathering
- Support compliance with security standards
- Respond to phishing and malware alerts
Nice to Have
- Certifications such as Security+, CySA+, or GCIH
- Experience with SOAR platforms
- Working knowledge of scripting languages
- Prior exposure to incident response frameworks
- Familiarity with the MITRE ATT&CK framework
- Experience in a 24/7 security operations environment
- Knowledge of cloud security monitoring
- Previous work with IDS/IPS systems
Compensation
Competitive salary based on experience
Work Arrangement
Hybrid remote
Team
Security Operations Center team
On-Call Expectations
This role includes participation in a shared on-call rotation to ensure coverage during off-hours for critical incidents.
Professional Development
Opportunities for training and certification reimbursement are available to support ongoing skill growth.
Available for qualified candidates