The Senior Security Analyst is responsible for protecting the organization's systems, networks, and data through advanced threat detection, analysis, and response. This role requires deep XDR/SIEM expertise (primary focus), with hands-on experience configuring, tuning, and optimizing modern cybersecurity tools.
Key responsibilities include managing and enhancing a diverse security stack, including Palo Alto firewalls, Darktrace, Proofpoint, Varonis, Qualys, Infoblox, and Cloudflare. The analyst will operate within a Microsoft hybrid Azure environment, ensuring secure integration between on-premises and cloud systems.
A core function of the role is to configure, tune, and optimize XDR/SIEM platforms, including rule creation, alert correlation, and log ingestion, to improve detection accuracy and reduce false positives. The analyst will integrate telemetry from network, DNS, endpoint, email, and data security tools to deliver high-fidelity, end-to-end threat visibility.
Day-to-day responsibilities include security operations, such as monitoring alerts, investigating incidents, and responding to cybersecurity-related support tickets. The role also includes project-based work, focused on implementing, configuring, and continuously improving security controls and detection capabilities across the environment.
- 5+ years of experience in cybersecurity, security operations, or security engineering roles
- 3+ years of hands-on experience administering and tuning XDR/SIEM platforms
- Strong experience with Microsoft hybrid environments, including on-prem Active Directory and Azure
- Experience configuring and managing enterprise security tools
- Strong understanding of:
  - TCP/IP, DNS, VPNs, and firewall technologies
  - Endpoint detection and response (EDR/XDR)
  - Identity and access management
  - Cloud security best practices
- Experience investigating phishing, malware, ransomware, and insider threat incidents
- Ability to analyze large datasets and security telemetry to identify anomalies and threats
- Experience supporting cybersecurity audits, compliance, or governance initiatives
Industry certifications preferred, such as:
EXOS (formerly Sondhi Solutions)