This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Information Security Analyst in the United States.
This role provides a critical opportunity to safeguard enterprise systems and data through advanced threat detection, incident response, and proactive security monitoring. The Senior Information Security Analyst will operate within a Security Operations Center (SOC), leveraging cloud, endpoint, and network expertise to identify, analyze, and mitigate cyber threats. The position requires deep technical knowledge across Windows, Linux, and macOS environments, as well as hands-on experience with cloud platforms such as Azure, AWS, and GCP. This role blends investigative skills, automation, and threat intelligence to protect business assets, while mentoring junior analysts and contributing to SOC process improvements. The position offers a high-impact environment where strategic thinking, technical proficiency, and continuous learning are central to success.
Accountabilities:
- Monitor and triage alerts from security platforms, including CrowdStrike Falcon and Microsoft Sentinel.
- Lead investigations into endpoint, network, and cloud security incidents, including malware, privilege escalation, and data exfiltration.
- Conduct proactive threat hunting, forensic analysis, and anomaly detection across enterprise systems and cloud environments.
- Develop and refine SOC playbooks, runbooks, and automation to improve detection, response, and operational efficiency.
- Serve as an escalation point for Tier 1 and Tier 2 analysts, mentoring junior team members and sharing threat intelligence.
- Collaborate with internal stakeholders to strengthen cloud security posture, incident readiness, and response workflows.
- Participate in red/blue team exercises and continuous SOC process and capability improvements.
Requirements:
- 4–7 years of experience in a SOC or cybersecurity analyst role.
- Expert-level proficiency with CrowdStrike Falcon and Microsoft Defender.
- Hands-on experience with SIEM platforms such as Microsoft Sentinel, Splunk, or Elastic.
- Deep knowledge of Windows, Linux, and macOS internals.
- Practical experience in cloud incident investigations across Azure, AWS, and GCP.
- Proficiency in scripting and automation (Python, PowerShell) and advanced log analysis.
- Strong understanding of MITRE ATT&CK framework, malware behavior, and incident response methodology.
- Excellent written and verbal communication skills, with the ability to influence and mentor teams.
- Preferred certifications: CCFR, CCFA, GIAC (GCIA, GCIH), CySA+, or equivalent.
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent experience).
Benefits:
- Competitive salary reflective of experience and market standards.
- Comprehensive healthcare coverage, including medical, dental, vision, and life insurance.
- Retirement savings options, including 401(k) and employee stock purchase plan.
- Paid time off, including vacation, holidays, and sick leave.
- Flexible remote work arrangements across eligible U.S. states.
- Opportunities for professional growth, certification support, and participation in industry events.
- Collaborative and innovative work environment focused on advanced cybersecurity practices.
