Security Operations Analyst

Security Operations Analyst

As a Security Operations Analyst you will support the day-to-day work of the Security Operations team by helping monitor, analyze, and respond to security events. In this role, you'll work with security tools and policies, contribute to change management activities, and assist with incident response efforts. You'll collaborate closely with experienced team members, follow established processes, and help document and continuously improve how the team operates. This position also includes participating in an on-call rotation, ensuring security incidents are handled promptly even outside regular business hours.

Key Responsibilities:

• Actively monitor and respond to security alerts from tools such as SIEM, EDR, CNAP, and other security platforms.
• Analyze security alerts to identify true positives and document tuning opportunities to reduce false positives.
• Support change management processes, reviewing firewall ACLs, critical system configuration changes, and other security-related requests to reduce risk and impact.
• Process web filtering and USB exception requests and ensure alignment with organizational policies.
• Manage security platforms, including EDR, Web Filtering, CSPM, and vulnerability scanning, maintaining policies, profiles, and configurations.
• Configure and run network and endpoint vulnerability scans, collaborating with technical teams to mitigate risks through patching and configuration changes.
• Contribute to security tooling policies and process improvements to mature defense controls and support business-as-usual operations.
• Assist in initiating and coordinating end-to-end incident response activities as needed.
• Maintain accurate documentation of incidents, alerts, changes, and tool configurations for compliance purposes.

Qualifications:

• 2 – 4 years of experience in security operations, SOC, or incident response roles.
• Hands-on experience with SIEM, EDR, CSPM, vulnerability scanning, and web filtering solutions.
• Familiarity with firewall rules, change management, and critical system configurations.
• Strong analytical, problem-solving, and documentation skills.
• Ability to collaborate with technical teams to remediate vulnerabilities and security gaps.
• Security certifications (e.g., Security+, CySA+, or equivalent) preferred.