Sr Security Analyst

As a Senior Security Operations Center (SOC) Analyst at our company, your role will involve leading threat detection, investigation, and incident response activities across our enterprise and product environments. You will be responsible for triaging and investigating complex security events, mentoring junior analysts, and driving automation and process maturity within the SOC. Your analytical skills, ability to remain calm under pressure, and technical expertise in SIEM-based monitoring, endpoint and cloud security telemetry, and incident response coordination will be crucial in partnering with various teams to enhance our defensive posture over time. **Key Responsibilities:** - Monitor and analyze security alerts from multiple data sources such as SIEM, EDR/XDR, Cloud security platforms, network, and application logs - Perform advanced triage to differentiate true threats from false positives - Correlate telemetry across endpoints, cloud, identity, and network layers - Develop, tune, and maintain high-fidelity detection rules and alerts - Lead investigations of moderate to high-severity security incidents including malware, phishing, credential compromise, insider threats, and cloud security incidents - Execute containment, eradication, and recovery actions in coordination with stakeholders - Participate in post-incident reviews and improvement initiatives - Conduct proactive threat hunting using threat intelligence and attacker behavior hypotheses - Analyze indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) - Design and enhance SOC playbooks, runbooks, and response workflows - Automate alert enrichment, triage, and response using SOAR platforms, scripts, and APIs - Mentor and coach SOC team members on investigation techniques and tools - Support security operations requirements aligned to industry frameworks such as SOC 2, ISO/IEC 42001, NIST CSF, NIST 800-53, and PCI DSS - Participate in on-call rotations and incident response coverage as necessary - Provide system-generated evidence for audits and customer security reviews - Ensure incident handling procedures align with documented policies and standards **Qualifications Required:** - 5+ years of experience in Security Operations, SOC, or Incident Response - Strong hands-on experience with SIEM platforms, EDR/XDR tools, and log analysis - Solid understanding of network protocols, endpoint internals, and access attacks - Experience leading incident investigations - Bachelor's or Master's degree in Computer Science, Security Assurance, or a relevant field - Experience in cloud and SaaS environments (AWS, Azure, GCP) - Familiarity with SOAR platforms, MITRE ATT&CK framework, and scripting languages - Exposure to 24x7 SOC operations, DevSecOps, and security tooling integration - Relevant certifications such as GCIA, GCIH, GCED, CISSP, or SIEM certifications (preferred) This comprehensive role will allow you to showcase your expertise in security operations and incident response while contributing to the continuous improvement of our security posture and operational efficiency. As a Senior Security Operations Center (SOC) Analyst at our company, your role will involve leading threat detection, investigation, and incident response activities across our enterprise and product environments. You will be responsible for triaging and investigating complex security events, mentoring junior analysts, and driving automation and process maturity within the SOC. Your analytical skills, ability to remain calm under pressure, and technical expertise in SIEM-based monitoring, endpoint and cloud security telemetry, and incident response coordination will be crucial in partnering with various teams to enhance our defensive posture over time. **Key Responsibilities:** - Monitor and analyze security alerts from multiple data sources such as SIEM, EDR/XDR, Cloud security platforms, network, and application logs - Perform advanced triage to differentiate true threats from false positives - Correlate telemetry across endpoints, cloud, identity, and network layers - Develop, tune, and maintain high-fidelity detection rules and alerts - Lead investigations of moderate to high-severity security incidents including malware, phishing, credential compromise, insider threats, and cloud security incidents - Execute containment, eradication, and recovery actions in coordination with stakeholders - Participate in post-incident reviews and improvement initiatives - Conduct proactive threat hunting using threat intelligence and attacker behavior hypotheses - Analyze indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) - Design and enhance SOC playbooks, runbooks, and response workflows - Automate alert enrichment, triage, and response using SOAR platforms, scripts, and APIs - Mentor and coach SOC team members on investigation techniques and tools - Support security operations requirements aligned to industry frameworks such as SOC 2