We are seeking a Senior Information Security Analyst with deep, hands-on experience across security operations, incident response, and data protection in enterprise, cloud, and SaaS environments. This role is responsible for defending the organization against advanced cyber threats while leading efforts to protect sensitive business, employee, and executive data across on-premise systems, cloud platforms, and collaboration tools such as Microsoft 365.
Requirements
- Lead investigation and response to security incidents across network, endpoint, cloud infrastructure, SaaS platforms (including Office 365), email, and identity systems
- Proactively hunt for threats, suspicious behavior, and signs of data compromise across on-prem, cloud, and SaaS environments
- Analyze logs, alerts, and telemetry from SIEM, EDR, identity, email, and cloud platforms to identify unauthorized access, privilege abuse, lateral movement, and account compromise
- Act as an escalation point for complex or high-impact security incidents, including cloud security breaches and SaaS account takeovers
- Produce clear, defensible incident reports with evidence, root cause analysis, and corrective actions
- Play a lead role in Data Governance and Data Classification initiatives covering on-premise systems, cloud platforms, and SaaS applications
- Design, tune, and support Data Loss Prevention (DLP) controls across email and collaboration platforms (e.g., Office 365), endpoints, cloud storage, and SaaS collaboration tools
- Investigate data-related security events, including unauthorized access to sensitive or regulated data in cloud and SaaS platforms, large or unusual data transfers from cloud storage or collaboration systems, and data shared externally or to personal accounts from corporate email or SaaS environments
- Partner with business owners to apply risk-based data protection controls without unnecessary friction
- Embed security and data protection requirements into IT and business-led projects involving cloud, SaaS, and hybrid environments
- Identify risks introduced by new systems, integrations, SaaS vendors, cloud services, or workflows
- Recommend pragmatic remediation options, compensating controls, and secure design improvements
- Provide hands-on security architecture guidance for cloud services, SaaS platforms, and identity-centric solutions when needed
- Contribute to security standards, policies, procedures, and technical guidelines related to cloud security, SaaS usage, identity, and data protection
- Perform and review technical risk and threat assessments for critical systems, including cloud-hosted and SaaS-based services
- Support internal and external audits (e.g., PCI, ISO 27001, regulatory reviews)
- Define and track remediation plans through to closure
- Improve detection logic, alert quality, and investigation workflows across SIEM, EDR, email security, cloud security, and SaaS telemetry
- Evaluate new security tools and capabilities with a practical, outcomes-focused mindset
- Reduce noise, false positives, and manual effort where possible
- Stay current on emerging threats targeting cloud platforms, SaaS environments, identity systems, and collaboration tools
- Act as a technical mentor to junior and intermediate analysts
- Lead by example during incidents, investigations, and projects
- Raise the overall maturity of the security operations function across enterprise, cloud, and SaaS environments
Benefits
- Competitive compensation
- Health care
- Progressive and challenging workplace
- Commitment to teamwork and integrity
- Diversity and equal opportunity employment