Senior Cybersecurity Operations Analyst
San Diego, California, United States of America
Full Time
4 hours ago
$107,900 - $161,900 USD
No Visa Sponsorship
Key skills
CloudCyber SecurityPythonSplunkPowerShellCommunicationPenetration TestingCloud Security
About this role
Role Overview
- Lead the design, development, and continuous improvement of detection engineering use cases across SIEM, EDR, and cloud security platforms.
- Develop, tune, and validate detection logic aligned to adversary tactics, techniques, and procedures (TTPs), leveraging frameworks such as MITRE ATT&CK.
- Integrate and operationalize cyber threat intelligence to enhance detection coverage, threat hunting, and incident response prioritization.
- Serve as a technical lead during high-severity security incidents, performing advanced investigation, containment, and remediation activities.
- Conduct proactive threat hunting to identify malicious activity that bypasses automated detections.
- Partner with security engineering and architecture teams to influence and improve defensive security architecture across endpoint, identity, network, and cloud environments.
- Support and participate in penetration testing and purple team exercises, translating offensive findings into actionable defensive improvements and detections.
- Develop and maintain incident response playbooks, detection documentation, and investigative runbooks.
- Provide expert guidance and mentorship to SOC analysts, elevating overall team capability.
- Collaborate with IT, cloud, infrastructure, and application teams to remediate vulnerabilities and reduce systemic risk.
- Contribute to SOC maturity initiatives including automation, tooling optimization, and operational process improvements.
Requirements
- 7+ years of demonstrated experience in cybersecurity operations, including SOC, detection engineering, or incident response roles.
- Proven expertise with SIEM platforms such as Splunk, QRadar, Microsoft Sentinel, or similar technologies.
- Extensive experience with EDR/XDR platforms such as Microsoft Defender, CrowdStrike, Carbon Black, Sophos, or equivalent.
- Strong background in incident response, including forensic analysis, malware investigation, and root-cause determination.
- Hands-on experience applying penetration testing techniques or supporting red/purple team exercises.
- Advanced understanding of attacker tradecraft, adversary behavior, and kill chain methodologies.
- Experience influencing or designing defensive security architecture across enterprise environments.
- Strong scripting or query skills (e.g., KQL, SPL, Python, PowerShell).
- Excellent analytical, communication, and technical documentation skills.
Tech Stack
- Cloud
- Cyber Security
- Python
- Splunk
Benefits
- Medical, dental, and vision insurance
- 401(k) with company match
- Paid time off (PTO)
- And additional employee wellness programs