Network Security Analyst II

As a Network Security Analyst, you'll move our client, and your career, forward by performing monitoring, investigating and protecting the network security infrastructure, ensuring its performance, reliability, and security. This role is focused on analyzing, optimizing, and enhancing the effectiveness of the organization's network security ecosystem. The analyst will leverage data across security platforms to identify trends, improve policy posture, and drive actionable recommendations. The ideal candidate brings a strong analytical mindset, hands-on experience with security tools, and a proactive approach to improving detection, response, and operational efficiency.

Candidates represented by third party employers cannot be considered.

How You'll Help Move Us Forward
* Analyze data across network security platforms (firewalls, WAF, proxy, SIEM) to identify trends, gaps, and optimization opportunities
* Perform ongoing rule and policy reviews across security controls (e.g., firewall, WAF, proxy) to improve effectiveness and reduce noise
* Develop and refine use cases, alerts, and dashboards in Splunk to enhance visibility and detection capabilities
* Translate security telemetry into actionable insights and recommendations for tuning policies and improving security posture
* Partner with engineering and operations teams to implement data-driven improvements and automation opportunities
* Evaluate alert fidelity and reduce false positives through tuning, correlation, and enrichment strategies
* Support incident investigations by analyzing logs, network traffic, and security events to determine root cause and impact
* Build and maintain reporting that communicates security posture, trends, and key metrics to technical and non-technical stakeholders
* Identify and implement automation opportunities across security workflows to improve efficiency and response times
* Contribute to continuous improvement of security standards, processes, and best practices
* Maintain clear and accurate documentation of analysis, findings, and recommended changes
* Stay current with emerging threats, detection techniques, and security analytics best practices

The Experience You Bring
5+ years of experience in a Cybersecurity / Network Security Analyst role within an enterprise SOC or operations environment
Strong hands-on experience with Splunk (or similar SIEM) including query development (SPL), alerting, and dashboard creation
Proven experience in threat hunting and detection engineering using network and security telemetry
Deep familiarity with Palo Alto firewalls, Zscaler, and Imperva (or similar WAF technologies)
Experience performing policy tuning and rule optimization across network security controls
Strong understanding of network protocols, traffic analysis, and attack techniques (e.g., lateral movement, C2, exfiltration)
Experience with tools such as FireMon, Backbox, RSA, SolarWinds, Wireshark, and ServiceNow
Familiarity with MITRE ATT&CK framework and applying it to detection coverage and threat hunting
Working knowledge of identity systems (Entra ID / Active Directory) and their integration with security telemetry
Scripting or automation experience (Python, PowerShell, or similar) for improving workflows and detections
Strong analytical mindset with the ability to turn raw data into actionable security improvements
Experience working in distributed or hybrid team environments
Excellent communication skills, with the ability to clearly present findings and recommendations to both technical and business stakeholders
Relevant certifications such as GSEC, GCIA, GCDA, CCSP, or CISSP preferred

TECHNICAL SKILLS
Must Have
* 5+ years of experience in a Cybersecurity / Network Security Analyst role within an enterprise SOC or operations environment
* Deep familiarity with Palo Alto firewalls, Zscaler, and Imperva (or similar WAF technologies)
* Experience performing policy tuning and rule optimization across network security controls
* Experience with tools such as FireMon, Backbox, RSA, SolarWinds, Wireshark, and ServiceNow
* Familiarity with MITRE ATT&CK framework and applying it to detection coverage and threat hunting
* Proven experience in threat hunting and detection engineering using network and security telemetry
* Scripting or automation experience (Python, PowerShell, or similar) for improving workflows and detections
* Strong hands-on experience with Splunk (or similar SIEM) including query development (SPL), alerting, and dashboard creation
* Strong understanding of network protocols, traffic analysis, and attack techniques (e.g., lateral movement, C2, exfiltration)
* Working knowledge of identity systems (Entra ID / Active Directory) and their integration with security telemetry
Nice To Have
* Relevant certifications such as GSEC, GCIA, GCDA, CCSP, or CISSP preferred

All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance.