Назад
Company hidden
2 дня назад

Cyber Security Operations Analyst II

Формат работы
remote (только USA)
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Cyber Security Operations Analyst II (SIEM/EDR): Serve as the primary escalation point for security alerts, incidents, and threat investigations, analyzing, containing, and remediating security events with an accent on SIEM/EDR tuning, incident response for medium-to-high severity events, and vulnerability lifecycle ownership. Focus on threat hunting, root-cause analysis with post-incident reporting, and continuous improvement of detection and defensive operations.

Location: United States (Remote)

Company

hirify.global provides AI-powered decision intelligence solutions for national security, supply chain management, and digital identity.

What you will do

  • Monitor and triage alerts from SIEM, EDR, email security, and other monitoring tools; investigate escalated alerts from MSSP or automated detections.
  • Lead incident response for medium-to-high severity incidents, including containment, eradication coordination, and root cause analysis with post-incident reports.
  • Tune and maintain SIEM/EDR and other security platforms; build custom detection rules, dashboards, and reports.
  • Own vulnerability management end-to-end: scanning, analysis, prioritization by exploitability/impact, remediation tracking, and guidance to IT on patching/configuration changes.
  • Act as a liaison between security operations and IT/business units; provide technical guidance to Tier 1 analysts and communicate findings in non-technical terms.
  • Continuously improve processes and tooling, and maintain incident response runbooks and escalation procedures.

Requirements

  • 8+ years of experience in security operations, incident response, or a related field.
  • Hands-on experience with SIEM, EDR, and network security tools.
  • Strong understanding of threat actors and attack techniques (MITRE ATT&CK) plus incident response best practices.
  • Ability to analyze logs, packets, and system behavior to detect and investigate malicious activity.
  • Excellent written and verbal communication skills.

Nice to have

  • Experience in a small-team environment with cross-functional responsibilities.
  • Familiarity with cloud security monitoring (AWS, Azure, or GCP).
  • Industry certifications such as Security+, CySA+, GCIH, GCIA, or similar.
  • Scripting skills (Python, PowerShell, or Bash) for automation.

Culture & Benefits

  • Remote work with a focus on owning multiple areas of security operations within a small team.
  • Opportunity to mature the security operations program through continuous improvements to detection and response.
  • Cross-functional collaboration with IT and business stakeholders.

Hiring process

  • Interviews to assess security operations, incident response, and hands-on tooling experience.
  • Discussion of incident scenarios, detection tuning, and vulnerability management approach.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →