Threat Detection and Response Analyst

Deep understanding of adversary tradecraft, the MITRE ATT&CK framework, and modern threat landscapes Experience with SIEM, EDR, and cloud-native detection tools (e.g., CrowdStrike, Alienvault, AWS GuardDuty, Azure Defender, Elastic, etc.) Strong analytical and investigative mindset Familiarity with scripting languages (Python, PowerShell, etc.) Knowledge of network protocols, operating system internals, and log analysis Excellent written and verbal communication skills Demonstrated ability to work both independently and collaboratively Bachelor’s degree in Cybersecurity, Computer Science, or a related field (or equivalent experience) 5–8 years of experience in cybersecurity, including 3+ years focused on threat hunting, detection engineering, or incident response Relevant certifications are a plus (e.g., GCFA, GCTI, GNFA, OSCP, or equivalent)

Perform cybersecurity threat detection, analysis, and mitigation Perform proactive threat hunting across systems, networks, and cloud environments Investigate potential security incidents Collaborate with other Security Analysts and Security Engineering personnel Develop and tune custom detection rules, scripts, and playbooks Design, build, and maintain scalable detection logic across SIEM and EDR platforms Review and triage alerts and logs, escalating significant incidents Monitor external service providers for suspicious activity Perform continuous analysis of threat intelligence, tactics, techniques, and procedures (TTPs) Utilize Cyber Threat Intelligence sources and workflows Document and communicate findings with clear technical and business context Contribute to purple team exercises, attack simulations, and post-incident reviews Mentor junior analysts