DICK'S Sporting GoodsRemote
Lead Cybersecurity Operations Analyst
United States
Full Time
1 week ago
$83,000 - $138,200 USD
H1B Sponsor
Key skills
CloudCyber SecurityFirewallsLinuxAILeadershipCommunicationCollaboration
About this role
Role Overview
- Lead security incident investigations and ensure timely containment, root cause analysis, and cross-team collaboration.
- Provide expert guidance on SIEM strategy, detection logic, and associated security technologies (EDR, email/web gateways, cloud controls).
- Standardize and refine monitoring workflows to improve signal quality, reduce false positives, and expand visibility across the environment.
- Leverage data from diverse sources (logs, telemetry, threat intel, case history) to identify patterns, emerging issues, and potential business impacts.
- Develop, drive, and execute recommendations—technical or professional—that shape both short-term defensive actions and longer-term operational strategy.
- Boost SOC effectiveness by implementing new tools, automation, AI-powered processes, and optimized playbooks supported by clear performance metrics.
- Anticipate what’s next by actively monitoring emerging threats and regulatory changes that affect the company.
- Mentor and elevate teammates by sharing expertise, modeling strong communication under pressure, and supporting a culture of learning within the SOC.
- Collaborate closely with Technology teams, Legal/Privacy, Risk & Compliance, vendors, and third-party service providers.
- Act as a subject matter expert for technology, policy, and regulatory topics in your area.
- Maintain relevant professional certifications and stay current through conferences and ongoing professional development.
- Advise peers and leadership on emerging risks, best practices, and operational implications.
Requirements
- Bachelor’s Degree in Computer science , management information systems, cybersecurity, or equivalent experience
- 7-10 years experience Security Operations, incident response, Windows, Linux, cloud, SIEM, EDR, firewalls, email gateways
- Security & Incident Event Management (SIEM)
- Endpoint Detection & Response (EDR)
- Secure email gateways
- Query-building
- Detection Engineering
- Threat Hunting
- Experience with MITRE ATT&CK mapping and detection engineering workflows
- Cloud and identity investigation experience (e.g. identity compromise and bypass techniques)
- Exposure to SOAR automation, playbook development, or case management platforms
- Data pipeline and storage expertise (e.g. event and log data parsing)
- Security+ (preferred not required)
- CISSP (preferred not required)
- GIAC (preferred not required)
- Vendor certifications (preferred not required)
Tech Stack
- Cloud
- Cyber Security
- Firewalls
- Linux
Benefits
- incentive
- equity
- benefits