Summary
Seeking a Cyber Threat Analyst to support security operations by triaging escalations, monitoring and investigating incidents, tuning detections, and building SOAR/AI/ML-driven automation to improve threat detection and response.
Key Responsibilities
• Triage and investigate security escalations/detections; determine scope, severity, and root cause
• Monitor cybersecurity events and support incident response/threat hunting
• Develop and implement SOAR automation use cases leveraging AI/ML
• Support deployment, configuration, testing, and maintenance of SOAR and integrated security tools
• Analyze network traffic and assist with vulnerability/CVE impact assessments
• Communicate technical findings to non-technical stakeholders and enforce security standards
Required Qualifications
• 7+ years in security operations, threat hunting, and incident response
• Experience analyzing/tuning alerts across SIEM, EDR/XDR, and Cloud security tools
• SentinelOne experience is mandatory (Splunk strongly preferred; Armis a plus)
• Experience with SOAR platforms and developing automation use cases
• Familiarity with MITRE ATT&CK and NIST frameworks
• Ability to configure/reconfigure security tools (including SentinelOne and Splunk)
• Must hold one or more certifications: CISSP, CISA, CISM, GIAC, RHCE
Candidate MUST HAVE’s
• · 7+ years Security Operations / Threat Hunting / Incident Response
• · SentinelOne (MANDATORY) + strong SIEM experience (Splunk preferred)
• · Hands-on triage/investigation of security alerts across EDR/XDR, Cloud, SIEM
• · SOAR experience: building and implementing automation use cases (AI/ML exposure a plus)
• · Working knowledge of MITRE ATT&CK + NIST
• · One cert required: CISSP, CISA, CISM, GIAC, or RHCE
Apply Now
Apply Now