Security Analyst

impact.com is the world’s leading commerce partnership marketing platform, transforming the way businesses grow by enabling them to discover, manage, and scale partnerships across the entire customer journey. From affiliates and influencers to content publishers, brand ambassadors, and customer advocates, impact.com empowers brands to drive trusted, performance-based growth through authentic relationships. Its award-winning products—Performance (affiliate), Creator (influencer), and Advocate (customer referral)—unify every type of partner into one integrated platform. As consumers increasingly rely on recommendations from people and communities they trust, impact.com helps brands show up where it matters most. Today, over 5,000 global brands, including Walmart, Uber, Shopify, Lenovo, L’Oréal, and Fanatics, rely on impact.com to power more than 225,000 partnerships that deliver measurable business results.

As an L2 Security Analyst, you move beyond the "what" and into the "how" and "why." You will handle escalated incidents that require deep technical dives and proactive measures. You are expected to be a self-starter who can manage complex security projects independently, specifically focusing on our SASE/SSE architecture and advanced Cloud environments.

• →Advanced Investigation: Lead deep-dive forensics for escalated alerts from L1, determining the root cause and scope of breaches.
• →Threat Hunting: Conduct proactive threat hunting missions across AWS and Google Cloud to find "living off the land" attackers.
• →Infrastructure Security: Manage and optimize SASE/SSE policies to ensure secure access for our remote workforce.
• →Secure SDLC: Partner with DevOps to integrate security scanning and best practices into the SDLC.
• →AI Implementation: Lead the implementation of AI/Machine Learning models for predictive threat detection and behavioral analysis.

• Experience: 2-5 + years of dedicated experience in a SOC or Incident Response role.
• Cloud Mastery: Proven experience securing and auditing Google Cloud and AWS environments.
• Advanced Tooling: Expertise in configuring SIEM correlation rules and fine-tuning AV/EDR policies to reduce false positives.
• Independence: Proven ability to work independently, managing long-term security projects with minimal supervision.
• Education: Knowledge of both Red Team (offensive) and Blue Team (defensive) methodologies to better anticipate adversary moves.