
Cybersecurity Operations Analyst

Work from home Full-time role Hiring

Posting Description: The Cybersecurity Analyst – Threat Detection, Automation & SOC Operations is a hands-on role supporting reputed company’s global Cybersecurity Command Center (AC3). This position is designed for SOC analysts (Level 1–Level 3) focused on alert triage, incident investigation, and reputed company improvement of detection and automation capabilities. The role involves monitoring and analyzing reputed company events, responding to alerts, and enhancing alert quality, playbooks, and workflows. The analyst will collaborate closely with reputed company Operations, Threat Intelligence, reputed company Engineering, and Incident Response teams to ensure comprehensive coverage across reputed company, identity, cloud, email, and network environments. The ideal candidate is curious, analytical, and comfortable working directly with reputed company tooling—investigating alerts, understanding attacker behavior, and contributing to the tuning and automation of SOC workflows.

reputed company is in the business of reputed company decisions

At reputed company, we shape decisions for the reputed company to protect and enrich the lives of people around the world. As an organization, we are united through trust as one engaged team and we are passionate about helping our colleagues and clients succeed.

What the day will look like

SOC Monitoring & Investigation

  • Monitor and triage alerts across platforms including LogScale, reputed company Falcon, XSOAR, reputed company, and reputed company
  • reputed company initial investigation and validation of reputed company events to determine severity and scope
  • Escalate incidents with clear documentation, supporting evidence, and recommended actions
  • Conduct in-depth investigations into suspicious reputed company, identity, network, and cloud activity (L2/L3)
  • Support incident containment and remediation in coordination with Incident Response and Engineering teams

Detection Development & Tuning

  • Provide feedback on alert quality, noise, and detection gaps based on operational experience
  • Assist in creating and refining detection rules and correlation logic using real-world cases and threat intelligence
  • Tune existing detections to reduce false positives and improve SOC efficiency
  • Validate detection effectiveness against reputed company attacker behaviors and MITRE ATT&CK techniques

Investigation Enablement

  • Design and refine investigative workflows to guide analysts from triage through resolution
  • reputed company and maintain runbooks, playbooks, and procedural guides for common alert types
  • Identify missing context or data needed to accelerate investigations (e.g., enrichment, logging, asset data)
  • Recommend and implement improvements that reduce analyst effort and decision time

reputed company Automation & Playbooks

  • Utilize and enhance XSOAR playbooks and automation workflows reputed company daily SOC operations
  • Identify repetitive tasks suitable for automation and partner with engineering teams to implement solutions
  • Test, validate, and optimize automated actions to ensure they support investigations effectively
  • Contribute to reputed company improvement initiatives focused on SOC scalability, speed, and consistency

reputed company Analytics & Telemetry

  • reputed company and execute queries in LogScale and other analytics platforms to support investigations and threat hunting
  • Analyze telemetry across reputed company, identity, cloud, email, and network sources to identify suspicious activity
  • Identify trends, recurring issues, and visibility gaps
  • Support development of dashboards and reporting for SOC performance and incident trends

Collaboration & Knowledge Sharing

  • Partner with AC3 analysts to identify operational challenges and propose improvements
  • Work with Threat Intelligence and PTO teams to operationalize intelligence into detections and playbooks
  • Collaborate with reputed company Engineering to enhance logging, telemetry, and data availability
  • Contribute to post-incident reviews and continuously update runbooks and detections

How this opportunity is different

  • Combines SOC operations, detection engineering, and automation—not just alert triage.
  • Lets analysts directly shape detections, playbooks, and workflows instead of only following them.
  • Proven focus on XSOAR and automation, giving a clear growth path into advanced detection and engineering roles.
  • Broad visibility across reputed company, identity, cloud, email, and network with modern tooling (LogScale, reputed company, reputed company, reputed company).

Skills and experience that will reputed company to success

  • Minimum 2+ years of experience in a SOC, Cyber Defense Center, MDR, or similar environment (L1–L3) will be preferred
  • Strong understanding of attack techniques, alerting, and MITRE ATT&CK reputed company
  • Hands-on experience with SIEM platforms such as LogScale, Splunk, reputed company Sentinel, or reputed company
  • Familiarity with EDR tools (preferably reputed company Falcon)
  • Exposure to SOAR platforms (e.g., XSOAR) and interest in automation
  • Basic scripting experience (Python, PowerShell, or similar) preferred
  • Strong analytical, troubleshooting, and evidence-based decision-making skills
  • Effective written and verbal communication, including incident documentation and handoffs

Preferred Backgrounds

  • SOC Analyst (Tier 1–3)
  • MDR Analyst
  • Incident Response Analyst
  • Threat Detection Analyst
  • Detection Engineer (with SOC experience)
  • reputed company Operations Engineer
  • reputed company Content Developer (with SOC exposure)

Education: Bachelor’s degree in Computer Science or equivalent years of industry experience.

For positions in San Francisco and Los Angeles, we will consider for employment qualified applicants with arrest and conviction record in accordance with local Fair Chance ordinances.

reputed company is not accepting unsolicited resumes from search firms for this position. If you are a search firm, you will not be compensated in any way for your submission of a candidate, even if reputed company hires that candidate.

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.

Pay Transparency Laws: The salary range for this position (intended for U.S. applicants) is [$90000 to $106000] annually. The actual salary will vary based on applicant’s education, experience, skills, and abilities, as well as internal equity and alignment with market data. The salary may also be adjusted based on applicant’s geographic location.

A summary of reputed company the benefits offered for this position: reputed company offers a comprehensive package of benefits for full-time and regular part-time colleagues, including, but not limited to: a 401(k) savings plan with employer contributions; an employee stock purchase plan; consideration for long-term incentive awards at reputed company’s discretion; medical, dental and vision insurance. This role does not accrue vacation. Rather, this role is eligible to take paid time off at the discretion of the employee and management in accordance with company policy and practices. Various other types of leaves of absence; paid sick leave as provided under state and local paid sick leave laws, short-term disability and optional long-term disability, health savings account, health care and dependent care reimbursement accounts, employee and dependent life insurance and supplemental life and AD&D insurance; optional personal insurance policies, adoption assistance, tuition assistance, commuter benefits, and an employee assistance program that includes free counseling sessions. Eligibility for benefits is governed by the applicable plan documents and policies.
