Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
BeyondTrust

Cyber Defense Analyst

BeyondTrust

. Monitor and triage security alerts across SIEM, EDR, and CSPM platforms covering both corporate and product environments.

Posted 4/21/2026full-timeRemote • 🇦🇺 AustraliaJuniorMid-LevelWebsite

Tech Stack

Tools & technologies
Cloud

About the role

Key responsibilities & impact
  • Monitor and triage security alerts across SIEM, EDR, and CSPM platforms covering both corporate and product environments.
  • Investigate alerts to determine scope, severity, and whether escalation is warranted.
  • Leverage AI-assisted triage and enrichment tools to accelerate analysis and reduce mean time to detect.
  • Classify, document, and track alerts through the full lifecycle using ticketing and case management systems.
  • Participate in or lead incident response engagements from detection through remediation, including evidence collection, forensic analysis, root cause determination, and stakeholder communication.
  • Conduct investigations across SIEM, EDR, CSPM, and cloud-native log sources including identity provider logs, cloud audit trails, and network flow data—spanning both corporate and product infrastructure.
  • Execute established IR runbooks across identity, endpoint, cloud, and email investigation workflows.
  • Manage or assist with evidence handling, forensic artifact collection, and chain-of-custody procedures.
  • Produce clear, decision-ready incident summaries and post-incident reports for both technical and leadership audiences.
  • Contribute to the design, implementation, and tuning of detection rules across SIEM and EDR platforms, with a focus on reducing false positives and closing coverage gaps.
  • Translate threat intelligence (CVE advisories, CISA alerts, vendor bulletins, open-source feeds) into actionable detection content, with particular attention to threats targeting privileged access tooling and supply chain attack vectors.
  • Help maintain and evolve detection coverage mapped to MITRE ATT&CK.
  • Partner with threat hunting peers to validate detection logic through hypothesis-driven hunts.
  • Use AI-driven tools for alert triage, enrichment, and investigation as a standard part of daily operations.
  • Contribute to the evaluation, integration, and optimization of AI and automation capabilities across the team’s workflows.
  • Assist in designing prompts, agent workflows, or LLM-based pipelines that augment analyst capabilities and reduce manual effort.
  • Partner with engineering teams to improve log ingestion, data quality, and tool integrations.
  • Maintain daily operational notes and shift handoff documentation.
  • Contribute to and refine IR runbooks, playbooks, and standard operating procedures.
  • Participate in on-call rotation for after-hours incident escalation.
  • Track and report on operational metrics (MTTD, MTTR, MTTC, false positive rate) and identify improvement opportunities.
  • Participate in tabletop exercises, purple team activities, and post-incident reviews.

Requirements

What you’ll need
  • 2+ years of experience in a SOC, security operations, or incident response role.
  • Understanding of common attack frameworks (MITRE ATT&CK), network protocols, and endpoint behavior.
  • Experience with at least one SIEM platform and familiarity with writing search or detection queries.
  • Familiarity with EDR platforms and cloud environments (IaaS preferred).
  • Comfort using AI systems (e.g., LLM-based assistants, copilots, or AI-driven analysis tools) as part of security workflows.
  • Strong written communication skills; able to document findings clearly and concisely for both technical and non-technical audiences.

Benefits

Comp & perks
  • Health insurance
  • 401(k) matching
  • Flexible work hours
  • Paid time off
  • Professional development opportunities

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
SIEMEDRCSPMincident responseforensic analysisthreat intelligencedetection rulesAI-driven toolsnetwork protocolsMITRE ATT&CK
Soft Skills
strong written communicationstakeholder communicationincident documentationteam collaborationproblem-solvingattention to detailanalytical thinkingleadershipadaptabilitytime management