Monitor and triage security alerts from a variety of sources, including SIEM (SecOps, Sentinel), EDR (SentinelOne, CrowdStrike), and cloud security platforms such as Wiz and Orca.
Serve as a primary responder for security incidents, executing the incident response lifecycle from initial detection and containment to eradication and recovery.
Support development of threat detection library, including incorporating threat intelligence, tuning within security tools, and SOAR response actions.
Maintain and draft SOPs and supporting documents for the Incident Response Plan and strategy.
Analyze phishing attempts, malware, and other cyber threats; partner with Security Engineering to devise additional security controls, administer email security, EDR, ZTNA, and other security tooling configurations to block emerging threats.
Participate in a 24/7 on-call rotation to respond to critical security incidents.
Support triage and response for compliance alerts and requests, enabling the continuous compliance program at BlackCloak using tools such as Vanta and Drata.
Prepare and present detailed incident reports and security metrics to technical and leadership audiences.
Requirements
4-6 years of direct experience in a Security Operations Center, incident response, threat intelligence, or similar cybersecurity role.
Ability to navigate complex problems, stay cool under pressure, and be highly inquisitive.
Hands-on experience with SIEM, SOAR, and other security platforms for log analysis, correlation, automated response, and maturation of detections/runbooks.
Deep understanding and practical experience with Endpoint Detection and Response (EDR) tools and their investigative capabilities.
Good knowledge of cloud security principles and services in AWS, Azure, or GCP, including experience with security tools like Wiz or Prisma Cloud.
Solid understanding of network protocols, operating systems (Windows, Linux, macOS), and common attack vectors (OWASP, MITRE).
Familiarity with identity and access management concepts, including SAML, OAuth, and role-based access control (RBAC).
Relevant industry certifications are highly desirable, such as GIAC (GCIH, GCFA), CISSP, or CompTIA Security+.
Excellent problem-solving skills and the ability to communicate complex technical concepts to both technical and non-technical audiences.
Benefits
100% Remote Company, within the USA
Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents.
Health Savings Account with company contribution for eligible medical plans.
Flexible Vacation Plan
10 Paid Company Holidays
100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance
401k with Traditional and Roth options, including employer match.
Company Equity
Paid Parental and Pregnancy Recovery Leave
Company and team off-sites and virtual events throughout the year
Home office stipend