Participate in and lead incident response, triage, and investigations by performing systematic analysis of security events and indicators of compromise to identify malicious activity, potential threats, and vulnerabilities
Conduct post-incident analysis to identify root causes and recommend preventative measures
Create incident reports and documentation for stakeholders
Design, develop, and maintain high-fidelity security detections aligned to adversary behaviors (e.g., MITRE ATT&CK), while performing ongoing detection gap analysis and recommending new detections based on emerging threats and attack techniques
Tune and optimize security detections and alerts to improve signal quality, reduce false positives, and ensure actionable outcomes for the SOC
Document detection logic, data dependencies, assumptions, and response guidance to support long-term maintainability and SOC effectiveness
Provide technical guidance and mentorship to junior SOC analysts during investigations and detection development efforts
Lead purple team efforts to test adversary techniques, validate existing detections, identify gaps, and inform the development of new or improved security alerts
Proactively conduct threat hunting to identify malicious activity and assess the effectiveness of security controls
Leverage threat intelligence to inform detection development, threat hunting, and incident response activities
Lead SOC project efforts and coordinate with other cyber security groups to elevate the organization's security posture
Identify opportunities to improve security processes and technologies
Participate in on-call rotation to respond to critical security events
Participate in knowledge sharing and training initiatives
Able to multitask and prioritize
Requirements
6+ years of IT experience
4+ years of experience in Cyber Security or related field
Bachelor's degree in Computer Science, Information Technology, or a related field, or an equivalent combination of education and experience
Demonstrated experience across the full incident response lifecycle, including detection, analysis, containment, eradication, recovery, and post-incident reporting
Hands-on experience with security technologies such as SIEM, EDR, email security, CNAPP, and NDR platforms
Strong experience in designing, building, and tuning security detections within SIEM solutions
Experience participating in or supporting purple team exercises or adversary simulation activities
Solid understanding of current and emerging SOC technologies, attacker tactics, and defensive techniques, and how they can be applied to improve SOC effectiveness and efficiency
Strong understanding of the information security industry and the evolving threat landscape
Experience working with cloud infrastructure and technologies, alongside traditional on-prem environments