Senior Security Operations Analyst - Cloud / Cyber / Network / Applications - with Sentinel, Defender, Palo Alto, SIEM, EDR, MDR exp - Irvine CA - Hybrid work

Overview

Hybrid
Depends on Experience
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 12 Month(s)

Skills

Senior Security Operations Analyst
Cloud Security
Cyber Security
Network Security
Applications Security
Palo Alto
SIEM
EDR
MDR
Sentinel
Defender

Job Details

Senior Security Operations Analyst - Cloud / Cyber / Network / Applications - Security analyst with Palo Alto, SIEM, EDR, MDR exp - Irvine CA - Hybrid work

Key skills: Sentinel, Defender

Position Title: Senior Security Operations Analyst

Department: Information Security (CISO Office)

Location: Irvine CA / Hybrid work

Reports To: CISO

Role Overview

As a Senior Security Operations Analyst, you will be a key member of our Security Operations team, responsible for detecting, investigating, and responding to cyber threats across our enterprise. You will help build and mature our SOC (Security Operations Center) capabilities, contribute to threat intelligence and incident response, and play a critical role in securing our e-commerce platforms, customer data, and connected product ecosystem.

This role requires a balance of hands-on technical expertise, analytical thinking, and the ability to communicate risk and remediation clearly to both technical and business stakeholders.

Key Responsibilities

Security Monitoring & Detection

  • Lead monitoring of security events across SIEM, EDR, cloud, and network security platforms.
  • Analyze alerts, correlate data, and distinguish between true positives, false positives, and emerging threats.
  • Develop, tune, and improve detection use cases, rules, and automation playbooks.

Incident Response & Forensics

  • Serve as a first responder and subject matter expert for security incidents, leading investigations and containment activities.
  • Conduct forensic analysis on endpoints, cloud environments, and applications when necessary.
  • Collaborate with IT, cloud, and DevOps teams to ensure rapid remediation and recovery.

Threat Intelligence & Hunting

  • Perform proactive threat hunting activities to identify hidden risks or advanced persistent threats.
  • Leverage external threat intelligence to enrich investigations and improve defensive measures.
  • Stay current with evolving attack techniques, malware trends, and vulnerabilities relevant to retail, e-commerce, and IoT/connected devices.

Governance, Risk, and Compliance (Support)

  • Support compliance initiatives (PCI-DSS, SOC2, ISO 27001, GDPR, CCPA, NIST, etc.) by ensuring security controls are effective.
  • Provide input into risk assessments and partner with vulnerability management to prioritize patching.

Collaboration & Continuous Improvement

  • Partner with IT, Product, e-commerce, and retail technology teams to secure new business initiatives.
  • Mentor junior analysts and contribute to knowledge-sharing across the team.
  • Recommend and implement process improvements, automation, and best practices.

Qualifications

Required Skills & Experience

  • 5+ years in a security operations or incident response role, with experience in enterprise-scale environments.
  • Strong knowledge of SIEM, EDR, MDR, firewalls, and cloud-native security tools (AWS/Google Cloud Platform/Azure).
  • Hands-on experience with incident handling, digital forensics, and malware analysis.
  • Familiarity with MITRE ATT&CK, cyber kill chain, and common threat actor tactics.
  • Proficiency in scripting (Python, PowerShell, or similar) to automate investigations or workflows.
  • Excellent communication skills, with the ability to explain technical risks to non-technical stakeholders.

Preferred Skills

  • Experience in retail, e-commerce, or IoT/connected device security.
  • Experience in key principles of incident response & security operations.
  • Experience in MDR & SIEM solutions.
  • Exposure to PCI-DSS or other retail payment security frameworks.
  • Knowledge of container security (Kubernetes, Docker) and DevSecOps practices.
  • Relevant certifications: GCIA, GCIH, GCFA, CEH, OSCP, or CISSP.

About Optimus Labs USA