We're looking for a Security Analyst / Senior Security Analyst to join our corporate Security Operations team and focus on securing our internal corporate systems and infrastructure. This role is critical in protecting our company's employees, data, and assets from cyber threats. You will be responsible for a wide range of security activities, including threat detection, incident response, vulnerability management, vendor risk management, and security awareness. This position requires a proactive mindset, strong technical skills, and a commitment to continuous learning in a fast-paced environment.
Getting started
In your role, you'll...
Threat Detection & Monitoring:
- Monitor security alerts from various sources (SIEM, EDR, network logs) to identify and investigate potential security incidents.
- Analyze system logs and network traffic to detect anomalous behavior and indicators of compromise (IOCs).
Incident Response:
- Respond to and investigate reported phishing emails, quarantining malicious content and analyzing threats.
- Serve as a key responder during security incidents, following established procedures for containment, eradication, and recovery.
- Conduct analysis to determine the root cause of incidents and provide recommendations to prevent recurrence.
- Document all phases of the incident response lifecycle.
Vendor Risk Management:
- Conduct vendor security risk reviews for new and existing third-party services, evaluating their security posture and compliance.
Vulnerability Management:
- Perform regular vulnerability scans of corporate systems and infrastructure.
- Analyze scan results, prioritize vulnerabilities based on risk, and work with IT teams to ensure timely remediation.
Tooling, Policy & Security Awareness Support:
- Help test and validate security policy updates across tools such as CrowdStrike, FortiDLP, BeyondTrust, and Okta.
- Support webhook testing, automation pilots, or policy rollout validation in coordination with senior staff.
- Maintain internal documentation for alert triage, configuration guides, and user-facing security guidance.
- Contribute to the development of security awareness training for all employees.
About you
- Experience in a security analyst or similar role, typically 3+ years for Security Analyst or 6+ years for Senior Security Analyst.
- Hands-on work with security tools such as SIEM platforms (e.g., Datadog, Splunk), EDR solutions (e.g., CrowdStrike), and vulnerability scanners (e.g., Nessus).
- Incident response experience, including investigating, containing, and remediating security incidents.
Technical Skills:
- Familiarity with supporting Windows, macOS, and Ubuntu endpoints.
- Understanding of APIs and their security implications, particularly for vendor security assessments.
- Strong grasp of networking fundamentals (TCP/IP, firewalls, proxies, SD-WANs, SSH) and the ability to interpret logs and system telemetry.
- Ability to analyze logs from EDR tools, cloud consoles, and email headers to identify indicators of compromise or policy violations.
- Knowledge of cloud security principles and common platforms (AWS, Azure, GCP).
- Experience with scripting languages (e.g., Python, Bash, PowerShell) is a plus.
Soft Skills:
- Excellent problem-solving and analytical skills.
- Strong communication and collaboration skills, with the ability to explain technical issues to non-technical stakeholders.
- Self-starter who can manage multiple priorities independently.
Pursue Truth While Finding Yours
At Everlaw, we are deeply invested in pursuing the truth, for our clients and for our employees. We know that when you’re empowered to pursue your passions, it is reflected in the work. That’s why we’re committed to the professional growth of all our team members, offering an annual learning and development stipend and regular career check-ins with managers. If you’re looking for a place that values passion, integrity, and a desire to learn, we’d love to hear from you!