FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates expertise in advanced threat detection, incident investigation, and security monitoring within enterprise environments, utilizing SIEM and EDR tools. Capable of leading high-severity incidents and mentoring junior analysts while collaborating with cross-functional teams to enhance cyber defense strategies.
Highest-signal resume keywords
SIEM Expertise (Splunk, Sentinel)EDR Proficiency (CrowdStrike, Microsoft Defender)Incident Response LeadershipThreat Hunting ExperienceKnowledge of MITRE ATT&CK
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
Advanced Threat DetectionIncident InvestigationSecurity MonitoringDetection Rule WritingForensic AnalysisVulnerability ManagementBehavioral AnalyticsAutomated SOAR PlaybooksMalware AnalysisNetwork Security
Soft Skills
Analytical SkillsInvestigative SkillsCommunication SkillsMentoringCollaboration
Tools & Technologies
SIEMEDRIDS/IPSFirewallsCloud Security MonitoringAzureAWSTelemetry PlatformsIncident Response ToolsSecurity Audit Tools
Industry Keywords
Cyber DefenseSOC OperationsThreat IntelligenceAdversary Detection TechniquesCyber Kill ChainTTPsRoot Cause AnalysisOperational DisruptionContinuous ImprovementSOP Development
Tech Stack
Tools & technologiesAWSAzureCloudCyber SecurityFirewallsLinuxSplunk
About the role
Key responsibilities & impact- The Expert IT Cyber Defense Analyst is a senior technical role responsible for advanced threat detection, security monitoring, incident investigation, and response across enterprise environments.
- This position acts as a technical authority within the Security Operations Center (SOC), driving high-impact investigations, optimizing detections, mentoring analysts, and strengthening the organization’s overall cyber defense posture.
- The analyst collaborates closely with Incident Response, Cloud Security, Infrastructure, and Threat Intelligence teams to ensure rapid mitigation and continuous improvement of cyber defenses.
- Perform continuous monitoring of network, endpoint, identity, cloud, and application telemetry using SIEM, EDR, IDS/IPS, Firewall, AAD, and vulnerability management platforms.
- Identify sophisticated threats by correlating multi-source telemetry, detecting anomalies, and recognizing attacker TTPs.
- Enhance SIEM and EDR detection logic by creating and tuning correlation rules, behavioral analytics, watchlists, and automated alert workflows to reduce false positives and improve detection fidelity.
- Lead high-severity incidents and complex investigations involving malware, privilege misuse, lateral movement, ransomware indicators, persistence mechanisms, and potential data exfiltration.
- Conduct in-depth forensic analysis of endpoints, logs, cloud audit trails, and network flows to determine root cause, scope, and business impact.
- Collaborate with the Incident Response (IR) team to drive containment, eradication, and recovery efforts with minimal operational disruption.
- Perform proactive threat hunting aligned with the latest threat intelligence, emerging TTPs, vulnerabilities, and adversary campaigns.
- Serve as a subject matter expert for Tier 1 and Tier 2 analysts, providing guidance on triage decisions, investigation handling, and escalation criteria.
- Review and audit alerts handled by junior analysts to ensure accuracy, completeness, and adherence to SOC processes.
- Contribute to SOC capability uplift through training, knowledge sharing, and continuous improvement initiatives.
- Develop, refine, and maintain SOPs, incident response playbooks, and detection runbooks to support consistent and repeatable operations.
- Assess business impact of ongoing or emerging threats and help prioritize response efforts based on severity and risk.
- Communicate technical findings, risks, and remediation recommendations to technical and non-technical stakeholders.
- Collaborate with Cloud, Infrastructure, Application, and Threat Intelligence teams to resolve vulnerabilities and operationalize intelligence-driven detections.
Requirements
What you’ll need- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience.
- 5–8+ years of experience in SOC operations, cyber defense, threat hunting, or incident response roles.
- Strong hands-on expertise with SIEM (Splunk, Sentinel), EDR (CrowdStrike, Microsoft Defender), IDS/IPS, Firewalls, and cloud security monitoring (Azure/AWS).
- Deep knowledge of Windows, Linux, and cloud audit logs, authentication flows, and security telemetry.
- Proven experience investigating high-severity incidents, malware behavior, lateral movement, privilege misuse, and network-based threats.
- Strong understanding of MITRE ATT&CK, cyber kill chain, threat intelligence lifecycle, and adversary detection techniques.
- Experience writing detection rules, triage workflows, and automated SOAR playbooks.
- Strong analytical, investigative, and communication skills.
Benefits
Comp & perks- Quarterly Company-Wide Recharge Days
- Flexible Work Environment (Hybrid)
- Peer-based incentive “Cheer” awards
- Tuition Reimbursement Program
