Lead Security Monitoring and Response Analyst at Mastercard coordinating enterprise crisis response and ensuring organizational resilience. Managing multi - region incident response and critical operations continuity.
About the role
- Serve as the senior technical expert within the SOC, providing advanced analysis, guidance, and escalation support for complex security incidents and investigations.
- Lead threat detection and monitoring efforts, ensuring high-quality alerting, correlation logic, and continuous tuning of SIEM, EDR, and related security tools.
- Participate in incident response operations, coordinating containment, eradication, and recovery actions across teams while maintaining situational awareness and clear communication.
- Develop and enhance detection content, including use cases, correlation rules, and analytics to improve visibility and reduce false positives.
- Proactively hunt for threats across endpoints, networks, and cloud environments using behavioral analysis and threat intelligence.
- Mentor and support SOC analysts, providing technical coaching, procedural guidance, and fostering a culture of continuous learning and operational excellence.
- Collaborate with security engineering teams to improve detection capabilities and integrate new data sources and tools.
- Oversee SOC processes and workflows, identifying opportunities for automation, optimization, and alignment with best practices such as MITRE ATT&CK.
- Analyze and communicate security trends and incident metrics, producing actionable reports and recommendations for leadership and stakeholders.
- Contribute to the development of playbooks, SOPs, and response frameworks to standardize SOC operations and improve response maturity.
- Participate in red/blue/purple team exercises to validate and enhance detection and response effectiveness.
- Stay ahead of emerging threats and technologies, advising on strategic improvements to the organization’s overall security posture.
Requirements
- 8+ years of experience in security operations, threat detection, or incident response, with at least 2–3 years in a senior or lead SOC role.
- Proven track record of managing or serving as a senior escalation point for high-impact security incidents.
- Deep understanding of security monitoring tools and technologies, including SIEM (e.g., Splunk, QRadar, Sentinel, Elastic), EDR/XDR, and SOAR platforms.
- Strong proficiency in incident response processes, log analysis, network traffic analysis, and endpoint investigation.
- Familiarity with cloud security monitoring and detection (AWS, Azure, or GCP).
- Experience developing and tuning detection rules, correlation logic, and playbooks to improve SOC efficiency.
- Solid understanding of network protocols, operating systems, and common attacker tools and techniques.
- Demonstrated ability to lead technical teams, mentor junior analysts, and drive cross-functional collaboration.
- Strong analytical, problem-solving, and decision-making skills under pressure.
- Excellent written and verbal communication skills, including the ability to brief executives and non-technical stakeholders.
- Experience developing SOC metrics, dashboards, and reports to track operational performance and threat trends.
- Excellent communication skills, with the ability to present complex findings clearly.
- Certifications (preferred): GIAC Certified Incident Handler (GCIH), GIAC Cyber Threat Intelligence (GCTI), Certified Ethical Hacker (CEH), or related certifications.
- A bachelor's degree in computer science or equivalent.
Benefits
- Medical/Dental/Vision Insurance
- Life Insurance
- Disability Insurance
- 401k Plan + Company Match
- Stock Purchase Plan
- Paid Vacations/Holidays
- Paid Baby Bonding Leave
- Employee Discounts
- PowerU - 100% Funded Education Programs
- Employee Donation Matching
- Volunteer Hour Rewards
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
IT - Security & Resilience Chief Engineer focusing on Security Monitoring for LBBW. Leading IT - Security projects and ensuring compliance and operational security within IT.
Director leading security operations and enhancing vulnerability management at IDEXX. Driving strategic execution and operational excellence across key domains in cybersecurity.
DE
IT Security Operations Specialist ensuring security of global networks, systems, and data. Implementing security controls and performing advanced threat hunting using Microsoft Sentinel and Darktrace.
BI
Bogaard Group International, Inc.GSOC Analyst
GSOC Analyst focusing on critical events and risk management operations at Netflix. Monitoring global threats and coordinating incident management efforts in a hybrid work setting.
BI
Bogaard Group International, Inc.GSOC Analyst
GSOC Analyst monitoring global events and managing critical incidents for Netflix's security operations. Ensuring timely communication and assessment during major security threats.
AS
A SocietySecurity Operations Center Engineer
Security Operations Center Engineer enhancing security posture via automation and threat hunting. Requires strong experience with SIEM and SOAR platforms and Python scripting.
CA
Credit AcceptanceSecurity Operations Vulnerability Analyst II
Security Operations Vulnerability Analyst II identifying and mitigating security vulnerabilities. Collaborating with teams to ensure timely risk remediation and protection of enterprise systems.
ON
OntinueSOC Analyst
Cyber Defender (SOC Analyst) acts as the key point of contact for major security incidents. Coordinating response efforts and enhancing procedures at a leading AI - powered security partner.
CI
Core Specialty Insurance Holdings, Inc.Junior Security Operations Center Analyst
Junior SOC Analyst at Core Specialty responsible for monitoring and triaging security alerts across IT environment. This role offers hands - on experience in cybersecurity with a fast - paced operational environment.