Staff Analyst, Information Security

About The Position

Requirements

• Bachelor’s degree in computer science, Cybersecurity, or a related technical field or equivalent industry experience in a global enterprise.
• Minimum 5+ years of experience in SOC operations, incident response (IR), cyber threat intelligence (CTI), or detection engineering roles.
• Advanced knowledge of SIEM (preferably Azure Sentinel), EDR/NDR, and cloud security platforms (e.g., Microsoft Defender suite, O365, Azure).
• Expertise in CTI analysis, including threat actor profiling, malware analysis, and TTP tracking.
• Proficiency in scripting and automation using Python, PowerShell, or Bash to streamline SOC workflows.
• Hands-on experience with MITRE ATT&CK, SOAR, and forensic tools for incident response and threat detection.

Nice To Haves

• Professional certifications such as GCTI, GREM, GCIH, GCIA, CISSP, or CEH.
• Cloud security certifications (e.g., Azure Security Engineer, AWS Security Specialist).
• Knowledge of compliance frameworks like PCI-DSS, HIPAA, or GDPR.
• Experience with vulnerability management platforms (e.g., Tenable, WIZ) and governance frameworks (e.g., SAML, OAuth, CSA).

Responsibilities

• Lead complex investigations into APTs, ransomware, insider threats, and other advanced adversarial activities affecting the organization.
• Collect, analyze, and operationalize CTI from OSINT, commercial feeds, ISACs, and internal telemetry to enhance detection and response capabilities.
• Create and present detailed intelligence assessments and executive briefings for both technical and non-technical audiences.
• Track and profile threat actor TTPs using frameworks like MITRE ATT&CK to pre-empt emerging risks.
• Develop and maintain advanced detection logic using SIEM, EDR, and cloud-native tools to ensure comprehensive coverage.
• Conduct proactive threat hunting to identify and mitigate undetected or emerging threats.
• Design and implement automated containment workflows, such as device isolation, email purging, and session revocation.
• Maintain the incident response plan, ransomware decision framework, and other key operational templates.
• Publish and help manage SOC KPIs/OKRs, such as MTTD/MTTR, false positive rates, and detection coverage metrics.
• Oversee MSSP/vSOC partners, ensuring maximum value and alignment with detection and response strategies.

Benefits

• Cutting-Edge Technology: Work with state-of-the-art threat intelligence tools, cloud security platforms, and detection technologies.
• Collaborative Culture: Be part of a forward-thinking SOC team that values collaboration, innovation, and continuous improvement.
• Professional Growth: Access opportunities for advanced training, certifications, and career development.
• Competitive Benefits: Enjoy a comprehensive compensation package, including healthcare, retirement plans, and flexible work arrangements.
• Meaningful Impact: Play a vital role in protecting critical business operations and intellectual property from emerging global threats.
• medical, vision and dental coverage, 401k, paid vacation, holidays, and sick time, and other benefits.