Senior Security Operations Analyst

Who are we?
Smarsh empowers its customers to manage risk and unleash intelligence in their digital communications. Our growing community of over 6500 organizations in regulated industries counts on Smarsh every day to help them spot compliance, legal or reputational risks in 80+ communication channels before those risks become regulatory fines or headlines.  Relentless innovation has fueled our journey to consistent leadership recognition from analysts like Gartner and Forrester, and our sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008.
About the teamThe Security Operations Analyst is the first line of defence in the Security Operations Center (SOC). This role is responsible for real-time monitoring and initial analysis of security events and alerts. The analyst plays a crucial role in identifying potential security threats and escalating them to higher tiers as necessary, ensuring the overall security posture of the organization.

Roles and Responsibilities

• Threat Research - Research on new ATP's, Threats, identifying the new indicators of compromise (IOC's), Tactics, Techniques and Procedures (TTP's).
• Responsible for end-to-end security incident triage. Working with respective teams providing contextual information for security incident remediation.
• Recommend fine tuning and configuration changes to Security platforms which will improve the accuracy of detections and bring down the false positives
• Experience in creation and integration of playbooks and custom parsers for SOC tools
• Develop and maintain incident response play books and for continuous service improvements
• Analyse monthly Security reports from the platforms and vendors to identify trends and vulnerabilities within the infrastructure
• Conduct computer, network forensic investigation functions and malware analysis to determine the target
• Coordinate efforts with globally dispersed teams.
• Document decisions regarding technology choices, best practices and process.
• Contribute to architectural conversations and plans.
• Collaborate with engineers and development teams to integrate security practices into the CI/CD pipeline and automate security processes.
• Being on-call and providing after hours response.
• Subject matter expert in security audits and compliance assessments to ensure adherence to industry regulations (e.g., GDPR, HIPAA, SOC, ISO) and internal security requirements.
• Lead the creation of comprehensive security documentation and training materials for both technical and non-technical audiences.
• Lead collaborations with developers and engineers to simulate realistic cyber-attack scenarios aimed at identifying vulnerabilities in the applications and infrastructure.
• Provide the oversight of third-party Security Operations Center (SOC), and second-level incident investigation and triage.
• Mentor and guide junior security engineers, fostering their technical growth and professional development.
• Take lead to create documentation and training materials for Security Operations.

Education & experience

• Professional degree in Computer Science from a reputed college with consistent academic record
• 6+ years of experience in cybersecurity, with significant time spent in security operations.
• Expert knowledge of advanced cyber threats, attack methodologies, and countermeasures.
• Proficiency in SIEM, IDS/IPS, forensic tools, and threat intelligence platforms.
• Hands-on experience in security systems, including EDR, firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
• Strong expertise in incident response, threat hunting, and malware analysis
• Ability to discuss and articulate Security Frameworks, Technologies and Best practises
• Support Security Analysts to provide additional subject matter expertise
• Proven Experience with SIEM, EDR, IDS/IPS and network forensic tools
• Experience in handling Security Events, Incidents, Breaches and Zero days
• Exhibit good judgement in managing workload, including when to communicate project risks.
• In-depth understanding of cybersecurity principles, practices, and methodologies.
• Familiarity with common cyber threats, attack vectors, and vulnerabilities.
• Experience securing cloud environments, such as AWS, Azure, or Google Cloud.
• Proficient with incident response procedures and best practices.
• Knowledge of cryptographic protocols and key management.
• Proficiency in scripting languages (e.g., Python, PowerShell) to automate security tasks.
• Dedication to staying updated with the latest security trends, tools, and techniques.
• Proficiency in creating clear and comprehensive security documentation, reports, and procedures.
• Familiarity with relevant regulations (GDPR, HIPAA, etc.) and industry standards (ISO 27001, NIST).
• Excellent verbal and written English skills to collaborate with cross-functional teams and convey security concepts to non-technical stakeholders.
• Experience with common security tools, such as Burp/ZAP, Nessus, Kali Linux, etc.
• Experience with Threat Modelling and Vulnerability Management Tools
• Security certifications such as GCIH, GCIA, CASP or GCFA.

About our culture
Smarsh hires lifelong learners with a passion for innovating with purpose, humility and humor. Collaboration is at the heart of everything we do. We work closely with the most popular communications platforms and the world’s leading cloud infrastructure platforms. We use the latest in AI/ML technology to help our customers break new ground at scale. We are a global organization that values diversity, and we believe that providing opportunities for everyone to be their authentic self is key to our success. Smarsh leadership, culture, and commitment to developing our people have all garnered Comparably.com Best Places to Work Awards. Come join us and find out what the best work of your career looks like.