Senior Security Analyst
Company: West Edmonton Mall
Department: Information Technology
Closing Date: Feb 14, 2025
The Senior Security Analyst is responsible for identifying and mitigating security risks, enhancing threat detection, and ensuring compliance with security controls and policies.
Primary Responsibilities:
- Conducting ongoing research to stay current with cybersecurity threats, trends, and developments.
- Collecting, analyzing, and integrating threat intelligence from internal and external sources to enhance threat detection and response capabilities.
- Managing detection rules, alerts, and reporting within the log management system.
- Analyzing and investigating threats through proactive monitoring, intrusion detection, and incident investigation.
- Developing, reviewing, and maintaining security incident response processes and playbooks.
- Responding promptly and effectively to security incidents reported by internal users and support teams, and recording and documenting investigations, events, and incident details.
- Collaborating with other units to ensure the continuous collection, management, and maintenance of security event log sources.
- Collaborating on system designs and implementations to ensure security is integrated from the ground up.
- Planning and conducting monthly purple team exercises to evaluate detection and response capabilities.
- Documenting identified gaps in technology, processes, or controls and developing new detections or dashboards to address these gaps.
- Providing detailed reports on findings, risks, and remediations from purple teaming activities.
- Participating in risk assessments, conducting security reviews and audits to identify threats and risks, and evaluating the effectiveness of security controls, ensuring adherence to established configuration policies and procedures.
- Generating and providing reports on key information security metrics as requested by management.
- Ensuring metrics and reporting support visibility into the effectiveness of security operations, incident response, and threat detection activities.
Desired Qualifications:
- A post-secondary degree or diploma in computer science, information systems, cybersecurity, or equivalent is required.
- Five (5) to seven (7) years of experience in an enterprise security role.
- Strong knowledge base and experience with security tools, technologies, and security frameworks such as NIST CSF, CIS, and MITRE ATT&CK.
- Relevant industry certifications such as Security+, GCIH, or CEH are a plus.
- Previous experience working in a large organization providing security operations support, handling multiple priorities, and collaborating with third-party vendors, preferably in the retail and hospitality industries.
- Exceptional interpersonal skills and excellent written and verbal communication abilities.
Terms of Employment:
- This is a full-time position based on a 37.5-hour work week from Monday through Friday with the potential of participation in after-hours duties.
- This position requires a physical presence at the office but provides opportunities for hybrid work based on team availability and management discretion.
- This is a salaried position that will depend on experience and qualifications.
- Must be able to pass a basic security clearance.