Cyber Threat Analyst (Sentinel One experience needed)

Summary

Seeking a Cyber Threat Analyst to support security operations by triaging escalations, monitoring and investigating incidents, tuning detections, and building SOAR/AI/ML-driven automation to improve threat detection and response.

Key Responsibilities

• Triage and investigate security escalations/detections; determine scope, severity, and root cause
• Monitor cybersecurity events and support incident response/threat hunting
• Develop and implement SOAR automation use cases leveraging AI/ML
• Support deployment, configuration, testing, and maintenance of SOAR and integrated security tools
• Analyze network traffic and assist with vulnerability/CVE impact assessments
• Communicate technical findings to non-technical stakeholders and enforce security standards

Required Qualifications

• 7+ years in security operations, threat hunting, and incident response
• Experience analyzing/tuning alerts across SIEM, EDR/XDR, and Cloud security tools
• SentinelOne experience is mandatory (Splunk strongly preferred; Armis a plus)
• Experience with SOAR platforms and developing automation use cases
• Familiarity with MITRE ATT&CK and NIST frameworks
• Ability to configure/reconfigure security tools (including SentinelOne and Splunk)
• Must hold one or more certifications: CISSP, CISA, CISM, GIAC, RHCE

Candidate MUST HAVE’s

• ·       7+ years Security Operations / Threat Hunting / Incident Response
• ·       SentinelOne (MANDATORY) + strong SIEM experience (Splunk preferred)
• ·       Hands-on triage/investigation of security alerts across EDR/XDR, Cloud, SIEM
• ·       SOAR experience: building and implementing automation use cases (AI/ML exposure a plus)
• ·       Working knowledge of MITRE ATT&CK + NIST
• ·       One cert required: CISSP, CISA, CISM, GIAC, or RHCE