Information Security Analyst supporting information security function at Ten, a trusted service provider. Ensuring compliance with global standards and managing security risks within the organization.
About the role
- Security Operations Lead overseeing global SOC operations and AI product integration at Replit. Leading monitoring and incident response across multi-cloud environments and AI workloads.
Responsibilities
- Lead, mentor, and scale a global SOC team responsible for 24/7 monitoring, alert intake, triage, correlation, and escalation.
- Build operational rigor: processes, runbooks, SLAs, metrics, and quality standards for high-scale environments.
- Cover monitoring across:
- - Cloud infrastructure (GCP, AWS, Azure)
- - Kubernetes/GKE/EKS/AKS clusters
- - SaaS platforms (Google Workspace, GitHub, Slack, Okta, etc.)
- - Endpoints (macOS, Linux, Windows) including EDR/XDR telemetry
- - Developer platforms + CI/CD pipelines
- - AI/ML systems and model-serving workflows
- Evaluate, adopt, and integrate AI-native SOC technologies for triaging, detection, and correlation.
- Identify opportunities to automate triage, investigations, enrichment, and reporting.
- Serve as the internal expert on the capabilities and limitations of AI-based SOC tooling.
- Own the entire SIEM ecosystem—ingestion, normalization, correlation, enrichment, tuning, dashboards, and metrics.
- Develop high-fidelity detections for:
- - Cloud-native attacks
- - Identity threats and lateral movement
- - SaaS misconfigurations and privilege abuse
- - Endpoint malware/behavior anomalies
- - Insider threats and account takeover patterns
- - Use MITRE ATT&CK, MITRE Cloud Matrix, and threat intel to drive detection coverage.
- Lead day-to-day triage and threat analysis activities, ensuring accurate categorization and prioritization.
- Drive complex investigations involving correlated events across cloud, SaaS, endpoints, and developer platforms.
- Guide root cause analysis and work with owners to drive remediation and architectural improvements.
- Communicate threats, gaps, and trends to leadership and engineering stakeholders.
- Partner with Cloud Security on cloud posture and preventative controls.
Requirements
- 7+ years of experience in Security Operations, with 3+ years in a senior or lead capacity.
- Experience leading or collaborating with 24/7 SOC environments (internal, hybrid, or MSSP).
- Strong experience with SIEM platforms (Chronicle, Splunk, Elastic, Sentinel, Panther, etc.).
- Deep understanding of:
- - Cloud security monitoring (GCP required; AWS/Azure preferred)
- - SaaS security monitoring (Okta, Google Workspace, GitHub, Slack, etc.)
- - Endpoint security telemetry (EDR/XDR tools such as CrowdStrike, SentinelOne, or Defender)
- - Kubernetes and container detection
- Hands-on detection engineering skills, event correlation, threat hunting, and log analysis.
- Familiarity with AI-based SOC platforms and LLM-driven detection/triage tools.
- Strong understanding of identity security, OAuth/OIDC, and API telemetry patterns.
- Experience with SOAR and scripting (Python, Go, Bash).
- Knowledge of MITRE ATT&CK, cloud kill chains, behavioral detections, and detection lifecycle management.
Benefits
- Competitive Salary & Equity
- 401(k) Program
- Health, Dental, Vision and Life Insurance
- Short Term and Long Term Disability
- Paid Parental, Medical, Caregiver Leave
- Commuter Benefits
- Monthly Wellness Stipend
- Autonoumous Work Environement
- In Office Set-Up Reimbursement
- Flexible Time Off (FTO) + Holidays
- Quarterly Team Gatherings
- In Office Amenities
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Security Operations Center Analyst managing incidents and security alerts for 7 - Eleven stores. Focusing on in - depth analysis and proactive monitoring within a state - of - the - art Security Operations Center.
Security Operations Manager at Qnity managing physical security programs across global sites. Overseeing operations and collaborating with cross - functional teams to mitigate risk and maintain secure facilities.
SOC Analyst monitoring security events and responding to incidents at Junglee Games. Collaborating on security protocols to ensure protection of digital assets.
Senior Director of Global Security Operations at CyrusOne strategizing and managing security across global data centers. Driving execution, governance, and operational excellence in a high - availability environment.
Cybersecurity generalist at PwC providing security solutions and maintaining the protection of client systems. Involves monitoring security alerts, incident response, and collaboration with stakeholders.
Security Operations Manager overseeing safety measures for corporate office locations and events at Whatnot. Responsible for developing security frameworks and managing vendor relationships across global operations.
Manager overseeing technical security operations for the Protection Services department. Responsible for managing security systems, staff training, and interdepartmental collaboration.
Principal in Security Monitoring Response at Mastercard managing global crises and resilience operations. Leading incident response efforts and ensuring the safety of people and assets.
SOC Analyst II providing real time security monitoring and threat hunting services for clients in various industries. Assisting in identifying security incidents and managing vulnerabilities.