Detection Engineer - Remote
Strada
AzureCloudCyber SecurityGoogle Cloud PlatformPythonServiceNowSplunk
Senior Security Analyst
Lennar
full-time
Posted on:
Origin: • 🇺🇸 United States • Florida
Visit company websiteJob Level
Senior
Tech Stack
AWSAzureCloudCyber SecurityPythonServiceNow
About the role
- Senior SOC Analyst (Tier 3) responsible for leading advanced incident response, managing escalations, and coordinating with MDR partner
- Lead investigations of complex security incidents and coordinate response efforts across internal teams and MDR partner
- Perform root cause analysis and develop remediation plans for high-severity incidents
- Act as the primary escalation point for Tier 3 alerts/incidents
- Develop and maintain incident response playbooks and workflows
- Serve as liaison between internal SOC and MDR provider; review and validate MDR alerts; provide feedback and tuning recommendations
- Analyze threat actor TTPs and apply findings to improve defenses
- Monitor and analyze logs and alerts from SIEM, EDR, NDR, etc.; correlate data across sources
- Maintain situational awareness of threat landscape and internal security posture
- Document incident timelines, findings, lessons learned; generate executive and technical reports
- Contribute to compliance and audit efforts by maintaining records and evidence
Requirements
- Minimum 4-5 years of experience in cybersecurity operations role, with at least 2 years in a previous Tier 2/Tier 3 SOC analyst capacity
- CompTIA Security+ or equivalent
- Proven experience in incident response triage, investigation, and working with MDR partners
- In-depth knowledge of security tools and technologies, including SIEM/SOAR platforms (e.g., Microsoft Sentinel), EDR solutions (e.g., Palo Alto Cortex XDR, Microsoft Defender), and ticketing systems (e.g., ServiceNow)
- Strong understanding of network security concepts, operating systems, and malware analysis techniques
- Familiarity with MITRE ATT&CK framework and threat intelligence platforms
- Excellent analytical, problem-solving, and communication skills
- Ability to work under pressure and manage multiple priorities
- Preferred: Certifications such as CISSP, GCIA, GCIH, CySA+, eJPT/PJPT, CEH, SC-200 or equivalent
- Preferred: Experience with cloud security (AWS, Azure)
- Preferred: Experience with Microsoft Sentinel, Proofpoint, Palo Alto Cortex XDR
- Preferred: Scripting skills (Python, PowerShell) for automation and analysis
Similar jobs on JobTailor
Consulting Director – Specialized and Proactive Services
Palo Alto Networks
AWSAzureCloudCyber SecurityGoogle Cloud Platform
Cyber Security Analyst
Diabetes Youth Families
AWSAzureCloudCyber SecurityDNSGoogle Cloud PlatformPythonSplunkTCP/IP
Cloud Security Engineer
Claroty
AWSAzureCloudCyber SecurityIoTMicroservicesPythonServiceNow
Senior Consultant, Platform Professional Services
CrowdStrike
AWSAzureCloudCyber SecurityGoogle Cloud PlatformJavaScriptPythonSplunk