About The Position

While we are hiring for a single position, the role has been posted in both the U.S. and Canada to consider candidates from either market. We are seeking a highly skilled and experienced Senior Information Security Analyst to join our Security Operations Center. This role is pivotal in defending enterprise assets against advanced threats through proactive monitoring, threat hunting, and incident response. The ideal candidate will have deep expertise in CrowdStrike Falcon, Microsoft Sentinel, and a strong understanding of network and operating system internals across Windows, Linux, and macOS. Experience in cloud incident investigations (Azure, AWS, GCP) is essential.

Key Responsibilities

Threat Detection & Response

  • Monitor and triage alerts from CrowdStrike Falcon and Microsoft Sentinel.
  • Lead investigations into endpoint and network security incidents including malware, privilege escalation, lateral movement, and data exfiltration.
  • Execute containment and remediation strategies for identified threats.

Threat Hunting & Analysis

  • Conduct proactive threat hunts using CrowdStrike telemetry and threat intelligence.
  • Perform forensic analysis of compromised systems and malware samples.
  • Analyze network logs and packet captures to identify anomalies and attacker behavior.

Cloud Security & Incident Investigations

  • Investigate cloud-based incidents across Azure, AWS, and GCP environments.
  • Assess cloud logging readiness and ensure audit trails are complete and actionable.
  • Collaborate with cloud operations teams to improve detection and response capabilities.

Process Improvement & Automation

  • Develop and refine playbooks, runbooks, and standard operating procedures.
  • Tune SIEM rules and EDR policies to reduce false positives and improve alert fidelity.
  • Participate in red/blue team exercises and contribute to continuous SOC maturity.

Collaboration & Leadership

  • Serve as an escalation point for Tier 1 and Tier 2 analysts.
  • Mentor junior SOC staff and contribute to team knowledge sharing.
  • Interface with threat intelligence, incident response, and executive stakeholders.
  • Protect the security and privacy of Absolute and its customers.
  • Other duties as assigned by management.

Requirements

  • 4–7 years of experience in a SOC or cybersecurity analyst role.
  • Expert-level proficiency with CrowdStrike Falcon and Microsoft Defender.
  • Strong understanding of MITRE ATT&CK, malware behaviors, and incident response.
  • Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, Elastic).
  • Deep knowledge of Windows, Linux, and macOS internals.
  • Proficiency in scripting (Python, PowerShell) and log analysis.
  • Excellent written and verbal communication skills.

Nice To Haves

  • CrowdStrike Certified Falcon Responder (CCFR)
  • CrowdStrike Certified Falcon Administrator (CCFA)
  • GIAC (GCIA, GCIH), CySA+, or equivalent

© 2024 Teal Labs, Inc