3,769 Threat Response jobs in the United States

Cybersecurity Threat Response Engineer

98043 Bothell, Washington Premera Blue Cross

Posted 16 days ago

Job Description

**Workforce Classification:**
Hybrid
**Join Our Team: Do Meaningful Work and Improve People's Lives**
Our purpose, to improve customers' lives by making healthcare work better, is far from ordinary. And so are our employees. Working at Premera means you have the opportunity to drive real change by transforming healthcare.
To better serve our customers, we are fostering a culture that emphasizes employee growth, collaborative innovation, and inspired leadership. We are dedicated to creating an environment where employees can excel and where top talent is attracted, retained, and thrives. As a testament to these efforts, Premera has been recognized on the 2025 America's Dream Employers list. Newsweek honored Premera as one of America's Greatest Workplaces, America's Greatest Workplaces for Inclusion, and America's Greatest Workplaces For Mental Well-Being, and Forbes ranked Premera among America's Best Midsize Employers for the fourth time.
Learn how Premera supports our members, customers and the communities that we serve through our Healthsource blog.
As a **Cybersecurity Threat Response Engineer,** you will be a member of the Threat Intelligence and Response Team. In a world that depends on data, in this role you will be responsible for protecting data, identifying potential threats, and conducting investigations into cyber threats. You will respond to cybersecurity incidents by using critical thinking skills and forensic analysis to ensure that cybersecurity threats are proactively kept out of the Premera network. These threats include actors from nation states, cyber-criminal organizations, and insider threats. If you're motivated to find the threat in the haystack and are passionate about making healthcare safer, this is the role for you.
**This is a hybrid position located on our campus in Mountlake Terrace, WA, with onsite days required. You must live in Washington State to be eligible for this position. This position also has an on-call rotation with a dedicated team to support the mission to protect Premera and its data.**
**What you'll do:**
+ As a responder, you will be the 'Tip of the Spear' to react to alerts and use your innate hunting and analysis skills to conduct investigations into security threats.
+ Protect Premera data from threat actors looking to gain access to sensitive personal and financial data in a structured team environment.
+ Respond and investigate numerous attacks launched daily against Premera.
+ Personally engineer solutions that will prevent damaging cyber threats that cost organizations hundreds of thousands of dollars annually.
+ Exhibit a passion and tenacity about hunting and preventing cyber threats.
**What you'll bring:**
***This position is open to Levels II and III***
**Required Qualifications**
+ Bachelor's Degree in Information Systems or Business Administration or (4) years of work experience.
+ (3) years of experience designing, implementing, and troubleshooting networked computer systems, which must include (2) years of experience with secure network and systems architecture, design and implementation, intrusion detection, defense and incident response, security configuration management, access controls design and implementation, and security policy and standards development. **(Required for Level II)**
+ (5) years of experience designing, implementing, and troubleshooting networked computer systems, which must include (3) years of experience with secure network and systems architecture, design and implementation, intrusion detection, defense and incident response, security configuration management, access controls design and implementation, and security policy and standards development. **(Required for Level III)**
**Preferred Qualifications**
+ Previous cybersecurity incident response experience.
+ Demonstrated understanding of health plan operations and applicable security and privacy legislation.
+ Knowledge of business continuity planning practices
+ Knowledge of applicable practices and laws relating to data privacy and protection.
+ In-depth knowledge of the following technologies and protocols: ARP, TCP/UDP, IP, NetBIOS, Radius, 802.1x, Bind/DNS and Active Directory, LDAP, SMTP, DHCP, SSH, SFTP, FTP, TFTP, SNMP, SSL/HTTPS, NTP, Sun, Syslog, VoIP, QoS, VLANs; Wireless protocols: 802.11 specs, WPA/2, WEP, TTLS, PEAP; Routing protocols: RIP/2, OSPF, EIGRP, Frame-relay, and MPLS. Database systems: SQL Server, Oracle, and MySQL.
+ Demonstrated understanding of Operating System architecture as it relates to the functions of the following components: OS kernel, OS kernel modules and device drivers, memory management, inter-process communication, security subsystem, user account rights, user group rights, system logs, I/O functions, network services, file-system permissions, and application interaction with the Operating System.
**Physical Requirements**
The following have been identified as essential physical requirements of this job and must be performed with or without an accommodation:
+ This is primarily a sedentary role which requires the ability to exert up to 10 lbs. of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull, or otherwise move objects, including the human body.
+ This role requires the ability to keyboard and to communicate clearly and understandably in person and over the telephone.
**Premera total rewards**
Our comprehensive total rewards package provides support, resources, and opportunities to help employees thrive and grow. Our total rewards are more than a collection of perks, they're a reflection of our commitment to your health and well-being. We offer a broad array of rewards including physical, financial, emotional, and community benefits, including:
+ Medical, vision, and dental coverage with low employee premiums.
+ Voluntary benefit offerings, including pet insurance for paw parents.
+ Life and disability insurance.
+ Retirement programs, including a 401K employer match and, believe it or not, a pension plan that is vested after 3 years of service.
+ Wellness incentives with a wide range of mental well-being resources for you and your dependents, including counseling services, stress management programs, and mindfulness programs, just to name a few.
+ Generous paid time off to reenergize.
+ Looking for continuing education? We have tuition assistance for both undergraduate and graduate degrees.
+ Employee recognition program to celebrate anniversaries, team accomplishments, and more.
For our hybrid employees, our on-campus model provides flexibility to create your own routine with access to on-site resources, networking opportunities, and team engagement.
+ Commuter perks make your trip to work less impactful on the environment and your wallet.
+ Free convenient on-site parking.
+ Subsidized on-campus cafes make lunchtime connections with colleagues fun and affordable.
+ Participate in engaging on-site activities such as health and wellness events, coffee connects, disaster preparedness fairs and more.
+ Our complimentary fitness & well-being center offers both in-person and virtual workouts and nutritional counseling.
+ Need a brain break? Challenge someone to a game of shuffleboard or ping pong while on campus.
**Equal employment opportunity/affirmative action:**
Premera is an equal opportunity/affirmative action employer. Premera seeks to attract and retain the most qualified individuals without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, gender or gender identity, sexual orientation, genetic information or any other protected characteristic under applicable law.
If you need an accommodation to apply online for positions at Premera, please contact Premera Human Resources via email or via phone.
The pay for this role will vary based on a range of factors including, but not limited to, a candidate's geographic location, market conditions, and specific skills and experience.
The salary range for this role is posted below; we generally target up to and around the midpoint of the range.
**National Plus Salary Range:**
$90,000.00 - $153,000.00
_*National Plus salary range is used in higher cost of labor markets including Western Washington and Alaska._
We're happy to discuss compensation further during the interview because we believe that open communication leads to better outcomes for all. We're committed to creating an environment where all employees are celebrated for their unique skills and contributions.
At Premera, we make healthcare work better. By focusing on improving our customers' experience purposefully and serving their needs passionately, we make the process easier, less costly, and more positive. Through empathy and advocacy, we change lives.
As the leading health plan in the Pacific Northwest, we provide comprehensive health benefits and services to more than 2 million customers, from individuals to Fortune 100 companies. Our services include innovative programs focused on health management, wellness, prevention, and patient safety. We deliver these programs through health, life, vision, dental, disability, and other related products and services.
Premera Blue Cross is headquartered in Mountlake Terrace, WA, with operations in Spokane and Anchorage. The company has operated in Washington since 1933 and in Alaska since 1952. With more than 80 years of experience in the region, we deliver innovation, choice, and expertise.

Senior Manager, Global Threat Response

60540 Aurora, Illinois Kellanova

Posted 2 days ago

Job Description

As the Senior Manager, Global Threat Response, you'll play a critical leadership role in our cybersecurity organization. You'll guide a team of skilled professionals who are responsible for identifying, investigating, and responding to threats across the enterprise. This role is central to our mission of protecting systems, data, and people from evolving digital risks. This role is remote within regions where Kellanova operates, with a preference for candidates based in or near Battle Creek, MI or Chicago, IL.
You'll be part of a high-performing team that blends technical depth with strategic insight. In this role, you'll oversee a hybrid team structure, including internal employees and offshore partners-and collaborate closely with stakeholders across Legal, HR, and IT. You'll help shape the direction of our incident response program, mentor team members, and drive continuous improvement in how we detect and respond to threats.
A Taste of What You'll Be Doing
+ Lead Incident Response Operations - Act as the incident commander during high-impact security events, including cyber incidents and HR/legal investigations. You'll lead technical and executive tabletop exercises, ensure alignment with enterprise protocols, and provide oversight throughout the lifecycle of each incident.
+ Develop and Lead a High-Performing SOC Team - Drive the performance and growth of a two-tier Security Operations Center (SOC), partnering with the Cybersecurity Operations Director to define strategic goals, set measurable objectives, and implement robust training and development programs.
+ Advance Threat Hunting and Engineering Capabilities - Lead proactive threat hunting initiatives and deep-dive investigations to uncover hidden risks. Oversee SIEM and EDR platform tuning, collaborate with engineering teams to enhance detection logic and maintain a resilient security posture across the organization.
+ Engage Stakeholders and Guide Strategic Response - Partner with Legal, HR, and external counsel on investigations and eDiscovery efforts. You'll communicate complex technical findings to executive stakeholders, contribute to strategic planning, and help shape the future of the global threat response program.
We're Looking for Someone With
+ Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field
+ Experience in cybersecurity operations, with a focus on incident response and threat detection
+ Hands-on experience with SIEM, EDR, and threat intelligence platforms (e.g., Microsoft Defender)
+ Strong understanding of the MITRE ATT&CK framework and vulnerability management practices
+ Experience leading global teams, including offshore and cross-functional partners
+ Skilled in managing complex projects and timelines
+ Excellent written and verbal communication skills, with the ability to present confidently to senior leadership.
Compensation
The annual salary range is $137,000 - $179,760, which is based on various factors such as location, experience and skill. Discretionary bonuses based on company and individual performance are also available.
What's Next
Applications for this position will be accepted through October 23rd, 2025. After you apply, your application will be reviewed by a real recruiter, so it may take us a few weeks to get back with you by email or phone. Visit our How We Hire page to get insights into our hiring process and more about what we offer. All applicants must have permanent legal authorization to work in the United States. Kellanova does not sponsor employment visas for this role.
Need assistance throughout the application or hiring process? Email .
Benefits include medical, dental, vision, life, accidental death & dismemberment insurance, employee assistance program, short-term disability coverage, and long-term disability insurance. Voluntary income protection benefits such as supplemental life and accident insurance, as well as a 401(k) plan with company contributions, are also available. Part-time employees may have access to benefits on a pro-rated basis. See KellanovaTotalHealth.com for more information.
Get to Know Us
At Kellanova, we are driven by our vision to be the world's best-performing snacks-led powerhouse, unleashing the full potential of our differentiated brands and our passionate people. Our portfolio of iconic, world-class brands includes Pringles, Cheez-It, Pop-Tarts, MorningStar Farms, Special K, Krave, Zucaritas, Tresor, Crunchy Nut, among others.
Kellanova's Culture of Best means we bring our best to all that we do in pursuit of our vision to be the world's best performing snacks-led powerhouse. Our culture celebrates boldness and empowers our people to challenge the status quo, achieve results, and win together.
Our focus on Equity, Diversity, and Inclusion (ED&I) enables us to build a culture of belonging where all employees have a place at the table and are inspired to share their passion, talents and ideas to work.
Mars has agreed to acquire Kellanova in a combination that will shape the future of snacking! The transaction is anticipated to close towards the end of 2025 (subject to customary closing conditions, including regulatory approvals). The companies remain separate until closing.
You can learn more at , and our hiring teams will be happy to discuss further questions if your application advances in the hiring process.
Let's shape the future of snacking.
Kellanova is an Equal Opportunity Employer that strives to provide an inclusive work environment, a seat for everyone at the table, and embraces the diverse talent of its people. All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, disability, religion, national origin, gender, gender identity, gender expression, marital status, sexual orientation, age, protected veteran status, or any other characteristic protected by law. For more information regarding our efforts to advance Equity, Diversity & Inclusion, please visit our website.

Senior Security Operations Center (SOC) Analyst - Threat Detection & Response

80202 Denver, Colorado $115000 Annually WhatJobs

Posted 7 days ago

Job Description

full-time
Our client is a rapidly growing cybersecurity firm dedicated to protecting businesses from evolving cyber threats, and they are looking for a seasoned Senior Security Operations Center (SOC) Analyst to join their fully remote team. In this crucial role, you will be at the front lines of defending our client's infrastructure and customer environments against sophisticated attacks. You will be responsible for monitoring security alerts, performing in-depth investigations, analyzing threats, and orchestrating timely and effective incident response. This remote-first position requires a proactive, vigilant, and highly analytical mindset, with a deep understanding of security tools and methodologies.

Key Responsibilities:
  • Monitor security alerts and events from various security tools, including SIEM, IDS/IPS, EDR, and threat intelligence platforms.
  • Perform real-time analysis of security alerts to identify potential security incidents and breaches.
  • Conduct in-depth investigations into security events, documenting findings, and determining scope and impact.
  • Develop and refine detection rules, correlation logic, and alert prioritization within the SIEM and other security tools.
  • Lead and coordinate incident response activities, including containment, eradication, and recovery efforts.
  • Analyze malware, phishing attempts, and other cyberattack vectors to understand threat actor tactics, techniques, and procedures (TTPs).
  • Contribute to the development and improvement of SOC playbooks, SOPs, and incident response plans.
  • Stay current with the latest cybersecurity threats, vulnerabilities, and mitigation strategies.
  • Collaborate with internal teams and external stakeholders during incident response.
  • Mentor and guide junior SOC analysts, fostering a culture of continuous learning and improvement.
Qualifications:
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent practical experience.
  • 5+ years of experience in a Security Operations Center (SOC) environment or similar cybersecurity role.
  • Proven expertise in incident detection, analysis, and response.
  • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, LogRhythm), EDR solutions, and network security monitoring tools.
  • Strong understanding of common cyberattack vectors, malware analysis, and threat intelligence concepts.
  • Familiarity with network protocols, operating systems (Windows, Linux), and cloud security principles.
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Strong communication and documentation skills, with the ability to articulate technical findings clearly.
  • Ability to work independently, manage multiple priorities, and perform effectively under pressure in a remote setting.
  • Relevant certifications such as Security+, CySA+, GCIH, or CISSP are highly desirable.
This remote opportunity offers the chance to work with a cutting-edge cybersecurity team and make a tangible difference in protecting organizations from cyber threats.

Senior Information Security Analyst - Threat Detection & Response

78201 San Antonio, Texas $115000 Annually WhatJobs

Posted 7 days ago

Job Description

full-time
Our client is seeking a highly skilled and experienced Senior Information Security Analyst to join their cybersecurity team. This is a fully remote position, offering the flexibility to work from anywhere within the US while defending critical digital assets. You will be instrumental in identifying, analyzing, and responding to security threats and incidents. This role involves continuous monitoring of security systems, performing in-depth forensic analysis, and developing strategies to enhance the organization's overall security posture. You will work closely with various IT teams to implement security controls, conduct vulnerability assessments, and ensure compliance with industry regulations and best practices. The ideal candidate possesses a strong understanding of network security, endpoint security, cloud security, and incident response methodologies. Proven experience with security information and event management (SIEM) tools, intrusion detection/prevention systems (IDPS), and threat intelligence platforms is essential. You should have a passion for cybersecurity, a proactive approach to identifying and mitigating risks, and excellent analytical and problem-solving skills. The ability to effectively communicate complex technical information to both technical and non-technical audiences is crucial. We are looking for a dedicated security professional who can contribute to building and maintaining a robust and resilient security environment in a remote-first setting.
Responsibilities:
  • Monitor security alerts and events from various systems to detect and analyze potential threats.
  • Conduct in-depth investigations of security incidents, including forensic analysis and root cause determination.
  • Develop and implement incident response plans and procedures.
  • Perform vulnerability assessments and penetration testing to identify security weaknesses.
  • Recommend and implement security controls and countermeasures to protect information assets.
  • Stay current with the latest cybersecurity threats, trends, and technologies.
  • Collaborate with IT teams to ensure secure system configurations and deployments.
  • Develop and deliver security awareness training to employees.
  • Maintain and improve security documentation and policies.
Qualifications:
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 5+ years of experience in information security, with a focus on incident response and threat analysis.
  • Deep understanding of network security, endpoint security, and cloud security principles.
  • Proficiency with SIEM, IDPS, EDR, and other security monitoring tools.
  • Experience with digital forensics and incident response frameworks (e.g., NIST).
  • Excellent analytical, problem-solving, and communication skills.
  • Relevant security certifications (e.g., CISSP, GSEC, CEH) are highly desirable.

Senior Information Security Analyst, Threat Detection & Response

85004 Whispering Pines, Arizona $120000 Annually WhatJobs

Posted 7 days ago

Job Description

full-time
Our client, a leader in cybersecurity solutions, is seeking a highly skilled Senior Information Security Analyst to bolster their threat detection and response capabilities. This role, based in Phoenix, Arizona, US, operates on a hybrid model, allowing for effective collaboration while offering flexibility. You will be at the forefront of identifying, analyzing, and mitigating security threats across the organization's networks and systems. Your core responsibilities will include monitoring security alerts, investigating suspicious activities, and conducting in-depth forensic analysis to determine the scope and impact of security incidents. You will be responsible for developing and refining threat detection rules, implementing security tools, and contributing to the continuous improvement of the Security Operations Center (SOC) processes. This position demands a deep understanding of network security, endpoint security, malware analysis, and incident response methodologies. The ideal candidate possesses strong analytical and problem-solving skills, with the ability to think critically and respond effectively under pressure. You will collaborate closely with IT teams, incident response teams, and other security professionals to ensure a robust security posture. Experience with SIEM tools, intrusion detection/prevention systems (IDPS), and security orchestration, automation, and response (SOAR) platforms is highly desirable. This role offers a challenging and rewarding opportunity to protect critical information assets, stay ahead of evolving cyber threats, and contribute to a secure digital environment. The hybrid nature of this role ensures that essential in-person collaboration for critical response activities can occur alongside flexible remote work.
Responsibilities:
  • Monitor security alerts and investigate potential security incidents.
  • Perform in-depth analysis of security threats and malware.
  • Conduct digital forensics and incident response activities.
  • Develop and optimize threat detection rules and signatures.
  • Manage and configure security tools, including SIEM and IDPS.
  • Document incident response procedures and maintain security logs.
  • Collaborate with IT and other security teams to implement security measures.
  • Stay current with emerging threats and vulnerabilities.
  • Contribute to security awareness training and best practices.
Qualifications:
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field.
  • Minimum of 5 years of experience in information security, with a focus on threat detection and incident response.
  • Proven experience with SIEM, IDPS, and other security monitoring tools.
  • Strong understanding of network protocols, operating systems, and common attack vectors.
  • Experience with malware analysis and digital forensics techniques.
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Effective communication and collaboration abilities.
  • Relevant security certifications (e.g., CISSP, GIAC) are a plus.

Senior Cybersecurity Analyst - Threat Detection & Response

19101 Philadelphia, Pennsylvania $115000 Annually WhatJobs

Posted 1 day ago

Job Description

full-time
Our client, a cutting-edge technology firm specializing in advanced security solutions, is seeking a highly skilled Senior Cybersecurity Analyst to join their elite, fully remote threat intelligence and incident response team. This is a unique opportunity to work from anywhere in the US, contributing to the protection of sensitive digital assets and critical infrastructure. The ideal candidate will possess deep expertise in cybersecurity principles, advanced threat detection methodologies, and incident response protocols. Responsibilities include continuously monitoring security alerts from various systems (SIEM, IDS/IPS, EDR), analyzing sophisticated threats, conducting forensic investigations, developing and implementing remediation strategies, and staying abreast of the latest cyber threats and vulnerabilities. You will be instrumental in refining detection rules, automating response actions, and contributing to the overall improvement of the security posture. The successful candidate will have a proven ability to perform in-depth malware analysis, network traffic analysis, and host-based forensics. This role requires a proactive and analytical mindset, with exceptional problem-solving skills and the ability to remain calm and effective under pressure. You will collaborate with other security professionals, IT teams, and external partners to mitigate risks and respond to security incidents. We are looking for an individual who is passionate about cybersecurity and dedicated to defending against evolving cyber threats. This position offers the flexibility of a remote work environment, empowering you to manage your workflow and contribute to a vital security mission. The company provides state-of-the-art tools and resources to support its security team. Continuous professional development and training are encouraged to keep pace with the rapidly changing threat landscape. 
The collaborative nature of the remote team ensures robust knowledge sharing and collective problem-solving. Your expertise will be critical in safeguarding our client's digital assets and maintaining trust with their global clientele. We value initiative, expertise, and a commitment to excellence in all aspects of cybersecurity.

Qualifications:
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
  • Minimum of 5 years of hands-on experience in cybersecurity, with a focus on threat detection and incident response.
  • In-depth knowledge of SIEM, IDS/IPS, EDR, and other security monitoring tools.
  • Strong understanding of network protocols, operating systems (Windows, Linux), and cybersecurity frameworks.
  • Proven experience in forensic analysis, malware analysis, and vulnerability assessment.
  • Relevant certifications such as CISSP, GCIH, CEH, or SANS certifications are highly desirable.
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work independently and collaboratively in a remote setting.
  • Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.

Senior Cybersecurity Analyst - Threat Detection & Response

98101 Seattle, Washington $130000 Annually WhatJobs

Posted 7 days ago

Job Description

full-time
Our client is a rapidly growing technology firm looking for a seasoned Senior Cybersecurity Analyst to bolster their security operations. This critical role involves the proactive identification, analysis, and mitigation of cyber threats across the organization's infrastructure and applications. The ideal candidate will possess extensive experience in threat detection, incident response, and security monitoring tools. You will be responsible for investigating security alerts, performing forensic analysis, developing security playbooks, and collaborating with engineering teams to remediate vulnerabilities. This is a fully remote position, requiring a self-motivated individual with excellent communication skills, ready to protect our digital assets from evolving threats.

Responsibilities:
  • Monitor security alerts and logs from various sources (SIEM, IDS/IPS, EDR) to detect potential security incidents.
  • Perform in-depth analysis of security incidents, including identifying the scope, impact, and root cause.
  • Lead incident response efforts, coordinating containment, eradication, and recovery activities.
  • Develop and maintain incident response playbooks and procedures.
  • Conduct forensic investigations on compromised systems and analyze malware.
  • Proactively hunt for threats within the network and endpoints, identifying suspicious activities that may evade automated detection.
  • Stay current with the latest threat intelligence, attack vectors, and vulnerabilities.
  • Recommend and implement security enhancements to existing security tools and technologies.
  • Collaborate with IT and development teams to implement security best practices and remediate vulnerabilities.
  • Participate in security awareness training for employees.
  • Develop and present regular reports on security posture, incident trends, and key metrics.
  • Contribute to the development and refinement of the organization's overall cybersecurity strategy.
  • Evaluate and recommend new security technologies and solutions.
  • Maintain documentation for security tools, processes, and procedures.
  • On-call rotation may be required as part of the security operations team.

Qualifications:
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master's degree preferred.
  • Minimum of 7 years of progressive experience in cybersecurity, with a focus on threat detection and incident response.
  • Extensive experience with Security Information and Event Management (SIEM) solutions (e.g., Splunk, QRadar, LogRhythm).
  • Proficiency with Endpoint Detection and Response (EDR) tools and Intrusion Detection/Prevention Systems (IDS/IPS).
  • Strong understanding of network protocols, operating systems (Windows, Linux), and common attack vectors.
  • Experience with digital forensics tools and techniques.
  • Familiarity with cloud security concepts (AWS, Azure, GCP).
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Strong written and verbal communication skills, with the ability to articulate complex technical issues clearly.
  • Relevant security certifications (e.g., CISSP, GCIA, GCIH, OSCP) are highly desirable.
  • Ability to work independently, manage time effectively, and thrive in a remote, fast-paced environment.
  • Demonstrated ability to handle high-pressure situations and make sound decisions during security incidents.
  • Experience in threat intelligence gathering and analysis.
This is an exceptional opportunity to join a forward-thinking company and play a vital role in safeguarding its digital assets from sophisticated threats.

Senior Information Security Analyst - Threat Intelligence & Incident Response

95814 Sacramento, California $135000 Annually WhatJobs

Posted 3 days ago

Job Description

full-time
Our client, a leader in cybersecurity solutions, is seeking a highly skilled Senior Information Security Analyst to join their elite team. This fully remote position will be instrumental in bolstering the company's defense against sophisticated cyber threats. Based in **Sacramento, California, US**, you will focus on proactive threat intelligence gathering, in-depth analysis, and rapid incident response to protect critical assets and sensitive data. The ideal candidate possesses a deep understanding of current threat landscapes, advanced analytical skills, and a proven ability to manage complex security incidents.

Responsibilities:
  • Develop and execute comprehensive threat intelligence strategies, identifying emerging threats, vulnerabilities, and attack vectors relevant to the organization.
  • Monitor various threat intelligence sources, including open-source intelligence (OSINT), dark web forums, and commercial feeds, to gather actionable insights.
  • Conduct in-depth analysis of threat data, correlating indicators of compromise (IOCs) and developing proactive defense measures.
  • Lead and manage security incident response efforts, from initial detection and containment to eradication and recovery.
  • Perform forensic analysis of security breaches, identifying root causes and providing detailed reports with recommendations for remediation.
  • Develop and maintain incident response playbooks, procedures, and documentation.
  • Collaborate with IT operations, network security, and application development teams to implement security controls and mitigate identified risks.
  • Design and conduct security awareness training programs for employees on emerging threats and best practices.
  • Utilize and optimize security information and event management (SIEM) tools, intrusion detection/prevention systems (IDPS), and other security technologies.
  • Participate in red team/blue team exercises and penetration testing activities.
  • Stay abreast of the latest cybersecurity trends, technologies, and regulatory requirements.
  • Provide expert guidance and support on security matters to internal stakeholders.
Qualifications:
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. Master's degree preferred.
  • Minimum of 7 years of experience in information security, with a strong focus on threat intelligence and incident response.
  • Demonstrated expertise in analyzing malware, network traffic, and system logs to identify malicious activity.
  • Hands-on experience with SIEM tools (e.g., Splunk, QRadar), EDR solutions, and network security monitoring tools.
  • In-depth knowledge of common attack frameworks (e.g., MITRE ATT&CK) and adversary tactics, techniques, and procedures (TTPs).
  • Excellent forensic analysis capabilities and experience with relevant tools.
  • Strong understanding of TCP/IP networking, operating systems (Windows, Linux), and common cybersecurity vulnerabilities.
  • Relevant certifications such as CISSP, GIAC (GCIH, GCFA), or CISM are highly desirable.
  • Exceptional analytical, problem-solving, and critical thinking skills.
  • Excellent written and verbal communication skills, with the ability to articulate complex technical issues clearly.
  • Ability to work independently and collaboratively in a remote team environment.
This is a critical role for safeguarding our client's digital assets and reputation in an ever-evolving threat landscape.

Senior Information Security Analyst - Threat Detection & Incident Response

33101 Aventura, Florida $100000 Annually WhatJobs

Posted 3 days ago

Job Description

full-time
Our client is seeking a highly skilled and experienced Senior Information Security Analyst specializing in Threat Detection and Incident Response (TDIR). This fully remote role is crucial for protecting our organization's digital assets and ensuring business continuity in the face of evolving cyber threats. You will be responsible for monitoring security alerts, investigating potential security incidents, conducting forensic analysis, and developing effective response strategies to mitigate risks. The ideal candidate possesses a deep understanding of cybersecurity principles, attack vectors, network protocols, and various security tools and technologies. You will work collaboratively with IT teams, security operations centers (SOCs), and other stakeholders to identify vulnerabilities, implement security controls, and continuously improve our security posture. This position demands exceptional analytical skills, a meticulous attention to detail, and the ability to remain calm and decisive under pressure. Proactive threat hunting and the development of innovative detection methods are key aspects of this role.
Responsibilities:
  • Monitor security systems and analyze alerts to detect and respond to potential security incidents.
  • Conduct in-depth investigations, including forensic analysis of compromised systems.
  • Develop and execute incident response plans, ensuring timely and effective mitigation of threats.
  • Perform threat hunting activities to proactively identify and neutralize emerging threats.
  • Analyze malware and other malicious artifacts.
  • Develop and refine security detection rules and signatures.
  • Collaborate with IT and other teams to implement security remediation measures.
  • Document security incidents, investigations, and lessons learned.
  • Stay current with the latest cybersecurity threats, vulnerabilities, and defense techniques.
  • Contribute to the development and improvement of security policies and procedures.
Qualifications:
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
  • 5+ years of experience in information security, with a focus on threat detection and incident response.
  • Proven experience with security information and event management (SIEM) tools, intrusion detection/prevention systems (IDS/IPS), and endpoint detection and response (EDR) solutions.
  • Strong understanding of network security, operating systems (Windows, Linux), and common attack vectors.
  • Experience with digital forensics and malware analysis techniques.
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Strong written and verbal communication skills.
  • Ability to work independently and as part of a remote team in a high-pressure environment.
  • Relevant security certifications (e.g., CISSP, GCIH, GCFA) are a plus.
This is a fully remote position, servicing opportunities in Miami, Florida, US, and across the United States. We offer a competitive salary, comprehensive benefits package, and opportunities for professional development and career advancement in the cybersecurity field.

Lead Information Security Analyst - Threat Intelligence & Incident Response

78701 Austin, Texas $120000 Annually WhatJobs

Posted 7 days ago

Job Description

full-time
Our client is seeking a highly skilled and experienced Lead Information Security Analyst to join their cybersecurity team in Austin, Texas, US. This critical role will focus on threat intelligence, incident response, and the proactive defense of the organization's digital assets. The Lead Analyst will be responsible for identifying emerging threats, developing mitigation strategies, and orchestrating the response to security incidents. The ideal candidate possesses a deep understanding of cybersecurity principles, extensive experience with security tools, and a proven track record of managing complex security operations. Key responsibilities include:

  • Developing and executing a comprehensive threat intelligence program, including the collection, analysis, and dissemination of threat data from various sources.
  • Leading and coordinating incident response efforts for security breaches, ensuring timely containment, eradication, and recovery.
  • Conducting forensic investigations to determine root causes of security incidents and gather evidence.
  • Developing and refining security playbooks and standard operating procedures for incident response and threat hunting.
  • Managing and configuring security information and event management (SIEM) systems, intrusion detection/prevention systems (IDPS), and other security tools.
  • Performing vulnerability assessments and penetration testing, and working with relevant teams to remediate identified weaknesses.
  • Creating detailed incident reports and post-incident reviews, providing actionable insights and recommendations.
  • Mentoring and guiding junior security analysts, fostering a culture of continuous learning and skill development.
  • Collaborating with IT operations, legal, and communications teams during security incidents.
  • Staying abreast of the latest cybersecurity threats, vulnerabilities, and defensive techniques.
  • Developing and delivering security awareness training to employees.
  • Representing the security team in cross-departmental meetings and contributing to strategic security planning.

Qualifications:
  • Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
  • Minimum of 7-10 years of progressive experience in information security, with a strong emphasis on threat intelligence and incident response.
  • Demonstrated experience with SIEM platforms (e.g., Splunk, QRadar, LogRhythm), EDR solutions, and network security monitoring tools.
  • Expertise in digital forensics and incident response methodologies.
  • Strong understanding of attacker tactics, techniques, and procedures (TTPs), and common threat vectors.
  • Relevant security certifications such as CISSP, GIAC (GSEC, GCIH, GCFA), or CISM are highly desirable.
  • Excellent analytical, problem-solving, and decision-making skills under pressure.
  • Exceptional written and verbal communication skills, with the ability to clearly articulate technical concepts to both technical and non-technical audiences.
  • Proven leadership abilities and experience managing security operations or incident response teams.
  • Ability to work effectively in a fast-paced, high-stakes environment.
  • Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.
This role is based in our Austin, Texas, US office and offers a competitive compensation package, comprehensive benefits, and significant opportunities for professional development.