Senior Security Analyst – Security Operations Center

Lennar

Senior SOC Analyst at Lennar leading incident response efforts and managing escalations in cybersecurity. Collaborating with internal teams for rapid detection and remediation of security threats.

Posted 6/26/2026full-timeIrving • Florida, Texas • 🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies

CloudCyber SecurityPythonServiceNow

About the role

Key responsibilities & impact

Lead investigations of complex, high severity security incidents from detection through containment, remediation, and recovery
Act as the primary escalation point for Tier 3 alerts and incidents
Perform root cause analysis with actionable remediation plans
Serve as the primary liaison to the MDR provider
Validate and triage MDR alerts
Ensure alignment on response protocols and escalation procedures
Provide tuning recommendations to improve detection fidelity
Develop and maintain incident response playbooks, runbooks, and workflows
Analyze threat actor tactics, techniques, and procedures (TTPs) and translate findings into improved defenses and detection content
Conduct proactive, hypothesis-driven threat hunts across endpoint, identity, network, and cloud telemetry
Leverage threat intelligence and the MITRE ATT&CK framework to surface threats that evade automated detection
Identify recurring, manual, or manual heavy SOC processes
Design automation to reduce analyst effort and accelerate response
Build, test, and maintain automated playbooks and response workflows in a SOAR platform
Monitor and analyze logs and alerts across SIEM, EDR, identity, and cloud platforms
Correlate data across multiple sources to identify patterns, anomalies, and emerging threats
Mentor Tier 1 and Tier 2 analysts
Document incident timelines, findings, and lessons learned
Generate executive-level and technical reports on SOC performance and incidents

Requirements

What you’ll need

Minimum 5-7 years of experience in a cybersecurity operations role
At least 3 years in a Tier 2/Tier 3 SOC or escalation capacity
CompTIA Security+ or equivalent
Proven experience leading incident response triage, investigation, and remediation
In-depth knowledge of security tools and technologies, including SIEM/SOAR platforms (e.g., Microsoft Sentinel)
Endpoint detection and response solutions (e.g., Microsoft Defender XDR, Palo Alto Cortex XDR)
Ticketing systems (e.g., ServiceNow)
Demonstrated ability to author and tune detection content (e.g., KQL in Sentinel/Defender)
Experience analyzing cloud security telemetry
Hands-on experience building or maintaining automated playbooks and response workflows in a SOAR platform
Strong understanding of network security concepts, operating systems, and malware analysis techniques
Familiarity with the MITRE ATT&CK framework and threat intelligence platforms
Excellent analytical, problem-solving, and communication skills
Preferred Certifications such as CISSP, GCIA, GCIH, GCFA, CySA+, eJPT/PJPT, CEH, SC-200
Scripting and automation skills (Python, PowerShell)
Experience supporting an EDR platform migration

Benefits

Comp & perks

Robust health insurance plans, including Medical, Dental, and Vision coverage
401(k) Retirement Plan, complete with a $1 for $1 Company Match up to 5%
Paid Parental Leave
Associate Assistance Plan
Education Assistance Program
Up to $30,000 in Adoption Assistance
Up to three weeks of vacation annually
Generous Holiday, Sick Leave, and Personal Day policies
New Hire Referral Bonus Program
Significant Home Purchase Discounts
Opportunities such as the Everyone’s Included Day

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

incident responseroot cause analysisthreat huntingautomationlog analysisdetection content authoringcloud security analysismalware analysisnetwork securityscripting

Soft Skills

analytical skillsproblem-solvingcommunicationmentoringleadership

Certifications

CompTIA Security+CISSPGCIAGCIHGCFACySA+eJPTPJPTCEHSC-200