Lead Threat Operations Analyst

US Remote

Kaseya

Kaseya's IT Complete is an integrated and cost-effective platform to manage everything in IT and security.


Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners (www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture, please click here: Kaseya Culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD, being GRITTY, being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers, and the betterment of their careers and long-term financial wealth. 

As a Lead Threat Operations Analyst at Kaseya, you will play a crucial role in safeguarding our global IT management platform and infrastructure from emerging cyber threats. You will lead threat detection, incident response, and mitigation efforts, ensuring that Kaseya's systems and customer environments are protected from malicious activities. This position requires deep technical expertise in cybersecurity, leadership capabilities, and the ability to stay ahead of evolving cyber threat landscapes.

Key Responsibilities:

  1. Threat Monitoring and Detection:

    • Lead the security operations team in monitoring, detecting, and responding to potential threats in real time using SIEM (Security Information and Event Management) systems and other security tools.
    • Conduct regular threat hunting activities to proactively identify suspicious behaviors and vulnerabilities within Kaseya’s environment.
  2. Incident Response & Management:

    • Manage and lead the response to cybersecurity incidents, ensuring that appropriate actions are taken to contain and mitigate threats.
    • Develop and refine incident response playbooks, ensuring that responses are consistent, efficient, and meet compliance requirements.
    • Collaborate with cross-functional teams, such as IT, engineering, and compliance, during critical security incidents.
  3. Threat Intelligence:

    • Analyze and interpret threat intelligence data from internal and external sources to identify new or emerging threats and vulnerabilities that could impact the organization or its clients.
    • Stay informed about the latest industry trends, vulnerabilities, and cyber-attacks, and translate that information into actionable defensive strategies.
  4. Security Strategy & Leadership:

    • Lead, mentor, and develop junior threat analysts and security personnel, fostering a culture of continuous improvement and security excellence.
    • Collaborate with senior management to ensure alignment between threat operations and the broader organizational security strategy.
    • Provide recommendations on improving security posture, architecture, and policies based on threat intelligence and incident findings.
  5. Security Tools & Automation:

    • Oversee the implementation, tuning, and maintenance of security tools, such as firewalls, IDS/IPS, endpoint detection & response (EDR) platforms, and SIEM systems.
    • Identify opportunities for automation of threat detection and response processes to increase efficiency and reduce manual workload.
  6. Risk Assessment & Vulnerability Management:

    • Assist in the identification and assessment of vulnerabilities across Kaseya’s infrastructure and provide recommendations for remediation.
    • Perform regular security assessments, audits, and penetration tests to evaluate security controls and uncover potential risks.
  7. Compliance and Reporting:

    • Ensure compliance with relevant cybersecurity frameworks, such as NIST, ISO 27001, and GDPR, when handling threat operations and incident management.
    • Prepare detailed post-incident reports and present findings to key stakeholders, including executives and clients.
  8. Collaboration & Communication:

    • Work closely with third-party vendors, service providers, and customers to address security concerns, share threat intelligence, and respond to incidents affecting customers.
    • Regularly report on security metrics, including incident trends, threat landscape updates, and operational effectiveness, to senior management.

Qualifications:

  • Bachelor’s degree in Information Security, Computer Science, or a related field (Master’s degree preferred).
  • 7+ years of experience in cybersecurity, with at least 3+ years in a leadership role in threat operations or incident response.
  • Deep understanding of network and endpoint security technologies, such as firewalls, IDS/IPS, SIEM, EDR, and vulnerability management tools.
  • Proven experience in handling advanced persistent threats (APTs), malware analysis, and forensic investigations.
  • In-depth knowledge of various attack vectors, including phishing, DDoS, ransomware, and supply chain attacks.
  • Strong experience in scripting and automation (Python, PowerShell, or similar) for security operations.
  • Relevant industry certifications (CISSP, CEH, GIAC, CISM, or equivalent) are highly desirable.
  • Excellent communication and leadership skills, with the ability to work well in a fast-paced, collaborative environment.

Preferred Skills:

  • Experience with cloud security in platforms such as AWS, Azure, or Google Cloud.
  • Experience in managing SOC (Security Operations Center) teams.
  • Familiarity with frameworks such as MITRE ATT&CK, OWASP Top 10, and the Cyber Kill Chain.
  • Knowledge of regulatory compliance requirements (e.g., PCI-DSS, HIPAA, GDPR).

 

Join the Kaseya growth rocket ship and see how we are #ChangingLives!

Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.


Tags: Audits Automation AWS Azure CEH CISM CISSP Cloud Compliance Computer Science Cyber Kill Chain DDoS EDR Endpoint security Firewalls GCP GDPR GIAC HIPAA IDS Incident response IPS ISO 27001 IT infrastructure Malware MITRE ATT&CK Monitoring NIST OWASP PowerShell Python Risk assessment Scripting Security assessment Security strategy SIEM SOC Strategy Threat detection Threat intelligence Vulnerabilities Vulnerability management

Perks/benefits: Startup environment

Regions: Remote/Anywhere North America
Country: United States
