Cyber Security Analyst

Hands-on expert who sets the standard for incident response, threat management and risk mitigation while driving continuous improvement of our security controls. The Senior Cybersecurity Analyst must proactively adapt to the evolving threat landscape and keep us ahead of emerging threats. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business.

What you’ll do

• Incident Response – Prepare for and lead response to incidents, including on-call rotation.
• Threat Monitoring – Continuous review of security alerts in partnership with vendors.
• Threat Hunting – Identify previously undetected attacks. Feed detection pipeline and improve security posture.
• Threat Intelligence – Analyze and incorporate actionable intel within detection, monitoring and hunting disciplines. Track and model adversaries to focus program activities.
• Vulnerability Management – Monitor internal/external attack surface, validate vulnerabilities, and prioritize remediation.
• Security Posture – Assess risk of changes to IT and security systems. Maintain coverage of controls and implement preventative/detective measures. Conduct risk assessments.
• Penetration Testing – Coordinate vendor testing. Drive finding remediation providing expert guidance and verification.
• Threat Detection – Introduce new and enhance existing rules. Increase fidelity and create response runbooks.
• Automation – Implement methods (SOAR and scripting) to speed delivery and maintain consistency.

What you’ll bring

What you need:

• 6-10 years of experience in a security operations role with 3 years in a senior capacity
• Proven experience triaging and responding to a significant volume of security events and cyber incidents, ideally in a high-alert environment, utilizing processes aligned with industry standards such as NIST, SANS PICERL, or similar frameworks.
• Hands-on experience managing, prioritizing, and remediating vulnerabilities specifically within large-scale Linux environments.
• Expertise utilizing SIEM platforms to conduct advanced searches, build custom detections, and tune alerting logic.
• Demonstrated experience developing and maintaining automated remediation workflows using SOAR platforms.
• Demonstrated understanding of threat intelligence and threat hunting concepts, methodologies, and best practices.
• Strong foundational information technology knowledge: Windows, Active Directory/Entra, Linux, networks, cloud and mobile systems.
• Experience conducting tabletop exercises and adversary emulation.

We’d love it if you had:

• Financial services experience
• Hands-on experience with Crowdstrike Next-Gen SIEM, Logscale/CQL, Falcon Fusion SOAR, Falcon Foundry.
• Experience performing threat hunts in Linux and Windows environments, including cloud, on-premises, and containerized platforms such as Kubernetes.
• Hands-on experience utilizing common penetration techniques and tools.
• One or more scripting languages (e.g., Python & PowerShell).
• Prior web application assessment experience.
• Certifications, including but not limited to: GCIH, GCIA, GCFA, GPEN, OSCP