Senior Security Operations Analyst | ARIVE | Remote (United States)
Job Description
Senior Security Operations Analyst
Full time, 100% Remote
Pay Scale: $90,000 – $140,000
We are seeking a dedicated and detail-oriented Senior Security Operations Analyst to join our team. The ideal candidate will have in-depth knowledge and hands-on experience with a wide range of endpoint and cloud security technologies and platforms, and will focus on the security analysis of our endpoints and cloud operations. Key responsibilities include analyzing potential breaches, implementing Data Loss Prevention (DLP) strategies, and monitoring security incidents to ensure the integrity and security of our systems.
As we enhance our security operations, this role offers a unique opportunity to work with cutting-edge solutions and to apply your skills to automating our security capabilities. Candidates with more than 5 years of experience integrating security controls into a secure software development lifecycle are preferred.
Key Responsibilities:
1) Security Monitoring and Incident Response:
- Build a plan and approach for monitoring security events, logs, and alerts across our security tools and platforms.
- Analyze and respond to security incidents, including root cause analysis and remediation.
- Develop and maintain incident response procedures, playbooks, and Security Orchestration, Automation and Response (SOAR) tasks.
2) System and Network Security:
- Configure and manage security tools and solutions, such as Zscaler for secure internet access and web filtering.
- Implement and maintain endpoint protection strategies using leading antivirus and EDR software.
- Ensure security best practices are applied across Google Workspace, Intune, and Kandji-managed devices.
- Create DLP rules and respond to DLP alerts in Google Workspace.
3) Identity and Access Management:
- Manage and maintain identity and access management systems, particularly Okta Identity Engine, Auth0, and Microsoft Entra ID (formerly Azure AD).
- Conduct regular audits and reviews of access controls and permissions.
4) Endpoint Security:
- Oversee the security of endpoints, including Windows and macOS systems.
- Deploy, configure, and manage endpoint security policies using Intune and Kandji.
- Ensure compliance with organizational security policies and standards.
5) Security Assessments and Audits:
- Coordinate remediation of vulnerability scan findings with appropriate system owners and teams.
- Assist in the development and implementation of security policies, standards, and guidelines.
- Conduct risk assessments and recommend mitigations.
6) Collaboration and Support:
- Work closely with IT and other departments to integrate security into all aspects of the organization.
- Provide technical support and guidance on security-related issues.
- Assist in security awareness training and initiatives.
Qualifications:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field is strongly preferred
- Minimum of 4 years of experience in a security operations role or similar position.
- Strong knowledge and experience with AWS's suite of security services, Okta, Zscaler, Google Workspace, Intune, Kandji, endpoint antivirus and EDR solutions, Microsoft Entra ID (Azure AD), and Windows, Linux, and macOS environments.
- Familiarity with security frameworks and standards (e.g., SOC 2, NIST, ISO 27001, CIS).
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Relevant certifications (e.g., CompTIA A+/Security+, Certified SOC Analyst (C|SA) or similar) are a plus.
Preferred Skills:
- Experience with SIEM tools and log management/collection/analysis related to security investigations.
- Knowledge of scripting (e.g., Python, PowerShell) and ability to author code.
- Understanding of network security principles and practices.
- Experience with cloud security, particularly in AWS and Azure environments, and with endpoint security and MDM tools.
- Knowledge of Security Orchestration, Automation and Response (SOAR) platforms and the ability to script and automate workflows.
- Familiarity with running penetration tests, documenting findings, and tracking their remediation with stakeholders
- Forensics – conducting post-alert initial investigations and determining root cause, preparing findings and recommending remedial activities
- Threat Intelligence – using open-source information and existing data lakes to actively hunt and remediate threats that make it past our initial defenses
- Insider Threat / Risk Profiling – experience reducing the potential for insiders to cause havoc without detection by applying controls and reducing overall attack surface
- Familiarity with red, blue, purple teaming exercises and ability to switch between these roles as needed
- Experience implementing or maintaining a secure software development life cycle (e.g., the Microsoft Security Development Lifecycle) and common code repository security solutions (e.g., GitHub Advanced Security, Snyk).
Benefits:
- Competitive salary and performance-based bonuses
- Comprehensive health, dental, and vision insurance; 401(k) match
- Remote work flexibility
- Opportunities for professional growth and development
- A supportive and inclusive company culture
Note: ARIVE is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status or any other characteristic protected by local, state, or federal laws, rules, or regulations.