External Job · via Greenhouse
A

Senior Security Operations Analyst

andurilindustriesCosta Mesa, CA
💰 $166,000 – $220,000/yrFull-time

Quick Summary

Senior Security Operations Analyst responsible for monitoring, threat hunting, and incident response for defense technology systems.

Skills & Keywords

incident responsethreat huntingSIEMPython automation

WHAT YOU'LL DO

  • Triage and respond to alerts / incidents covering multiple disciplines including, but not limited to, phishing, endpoints, cloud infrastructure and services, and SaaS applications
  • Build and optimize tailored detection signatures, response playbooks, and response automation using detection-as-code principles
  • As the frontline of DNR, you will lead the feedback loop for detections, ensuring alerts are fine tuned to reduce false positives
  • Participate in threat modeling scenarios with cross-functional partners to understand weaknesses across Cloud, Mobile, Endpoints, and other environments incorporating findings into security controls and/or detection signatures
  • Organize and conduct threat hunting and data baselines to identify anomalous patterns in data
  • Participate in an on-call rotation responding to security events and conducting incident response investigations while effectively communicating findings to key stakeholders. As a Senior SecOps Analyst, you will serve as an incident commander as necessary.
  • Proactively collaborate with a wide range of stakeholders, guiding detection and response maturity of key worlds, leading incidents and large-scale data baselines, and being responsible with mentoring and guiding junior analysts.

REQUIRED QUALIFICATIONS

  • Experience in security monitoring, log analysis, and detection engineering within large data sets across endpoint, network, and a wide variety of application log sources
  • Experience in Python development, specifically contributing to a shared codebase used for automating SOC operations
  • Must have experience with one or more SIEM languages (SPL, KQL, SQL)
  • Experience conducting analysis in a data lake environment
  • Broad range of practical security knowledge across the spectrum of endpoint, network, identity, application, and cloud infrastructure
  • Knowledge of attacker tactics, techniques, and procedures (TTPs) across Windows, Linux, MacOS, AWS/Azure, etc.
  • Strong communication skills and experience collaborating with internal and external stakeholders
  • Must be able to obtain and hold a U.S. Top Secret security clearance
  • Experience conducting incident response in the Cloud (AWS, Azure, GCP)
  • Digital Forensics and/or reverse engineering experience is a plus!
  • No Financial RequestsAnduril will never solicit payment or demand personal financial details (such as banking information, credit card numbers, or social security numbers) at any stage of our hiring process. Our legitimate recruitment is entirely free for candidates.
  • Please always verify communications Direct from Anduril: If you receive an email from one of our recruiters, it will only come from an @anduril.com address. Via Agency Partner: If contacted by a recruiting agency for an Anduril role, their email will clearly identify their agency. If you suspect any suspicious activity, please verify the agency's authenticity by reaching out to contact@anduril.com.
  • Direct from Anduril: If you receive an email from one of our recruiters, it will only come from an @anduril.com address.
  • Via Agency Partner: If contacted by a recruiting agency for an Anduril role, their email will clearly identify their agency. If you suspect any suspicious activity, please verify the agency's authenticity by reaching out to contact@anduril.com.
  • Exercise Caution with Unsolicited Outreach If you receive any communication that appears suspicious, contains grammatical errors, or makes unusual requests, do not engage. Always confirm the sender's email domain is @anduril.com before providing any personal information or clicking on links.
  • What to Do If You Suspect Fraud Should you encounter any questionable or fraudulent outreach claiming to be from Anduril, please report it immediately to contact@anduril.com. Your proactive caution is invaluable in protecting your personal information and upholding the security and trustworthiness of our recruitment efforts.

Compensation & Benefits

Total rewards package

At Anduril, we invest in our people. Our comprehensive, competitive benefits package (available at little to no cost to employees) ensures you’re supported in health, recovery, and whatever comes next. For more information, Explore Our Benefits.

Anduril is committed to maintaining the integrity of our Talent acquisition process and the security of our candidates. We've observed a rise in sophisticated phishing and fraudulent schemes where individuals impersonate Anduril representatives, luring job seekers with false interviews or job offers. These scammers often attempt to extract payment or sensitive personal information.

ABOUT THE TEAM

Anduril's Detection and Response team is looking for a Security Operations Analyst to be the watchtower for Anduril's critical defense technologies. As a SecOps Analyst on the detection and response team, you'll be responsible for monitoring and responding to adversarial activity while helping incorporate key detection feedback loops with the detection engineering team. As a Senior SecOps Analyst, you will serve as an incident commander alongside other senior analysts. When not responding to threats, you'll be asking questions of our data sets, conducting threat hunting and data normalization operations across the organization to understand user behavior and identify anomalies.

Data Privacy

To view Anduril's candidate data privacy policy, please visit https://anduril.com/applicant-privacy-notice/.

By submitting your application, you consent to Anduril Industries using a third-party service provider to conduct pre-employment risk, integrity, and due diligence screening and assessing potential risks as part of your application process. This third-party service provider provides risk-intelligence services that may include analysis of sanctions and watchlists, adverse media, public-record information, and other lawful open-source or commercial data sources. This third-party service provider does not act as a consumer reporting agency. Use of this provider helps to ensure compliance with applicable laws and protect technology, intellectual property, and organizational security.

Ready to apply?

Apply today for this Senior Security Operations Analyst role.

Senior Security Operations Analyst at andurilindustries | Qiggz