Job Description
Job Title: Tier 3 Cybersecurity Analyst
Location: Austin, Texas (Onsite Only)
Clearance: Not Required
Open Shifts:
• 1st Shift: Sunday – Thursday, 7:00 AM – 3:30 PM
• 2nd Shift: Tuesday – Saturday, 7:00 AM – 3:30 PM
Position Overview:
FTS is looking for a highly skilled Tier 3 Cybersecurity Analyst to join our dynamic Security Operations Center (SOC). In this role, you will lead advanced investigations of cyber incidents, work closely with detection and engineering teams to deploy cloud-based monitoring tools, and ensure our organization remains secure against evolving threats. This is a hands-on, leadership-level role, ideal for individuals with deep technical expertise and a passion for cybersecurity. You’ll also provide guidance to junior analysts, contribute to strategic defense initiatives, and enhance incident response procedures.
Core Responsibilities:
• Integrate and configure new detection tools such as Azure Sentinel, AWS GuardDuty, and Netskope to improve visibility across cloud platforms.
• Build and maintain incident response playbooks, focusing on cloud-specific threat scenarios.
• Lead the response to complex security incidents by identifying attack vectors, analyzing logs, tracing indicators of compromise, and implementing remediation strategies.
• Serve as a senior point of escalation and provide mentorship to Tier 1 and Tier 2 SOC staff during active investigations.
• Document all investigation processes, findings, and follow-up actions in a structured and consistent manner.
• Coordinate with threat intelligence, forensics, IT, and network teams to ensure a unified incident response.
• Regularly brief stakeholders and leadership teams on threat activities and response status.
• Design and deploy advanced detection use cases to proactively identify malicious behaviors and advanced persistent threats.
• Evaluate and enhance SOAR automation playbooks for faster and more effective incident response.
• Support knowledge sharing and cross-training within the SOC team.
• Stay informed on emerging threats, industry trends, and evolving attacker techniques. Participate in red/blue team exercises and tabletop simulations.
Qualifications:
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience (required).
• A minimum of 8 years of experience working on enterprise IT or cybersecurity projects.
• At least 7 years of hands-on experience responding to incidents in a Security Operations Center (SOC), including cloud security monitoring.
• Demonstrated expertise in cybersecurity frameworks, incident lifecycle management, and risk mitigation strategies.
• Hands-on experience with tools such as SIEM, EDR, IDS/IPS, and network traffic analysis solutions.
• Must hold at least one of the following certifications: CISSP, GCIH, GCFA, or CEH.
• Familiarity with ServiceNow or other enterprise-level ticketing systems.
• Strong problem-solving abilities and a proactive, analytical mindset.
• Ability to work both independently and collaboratively in high-pressure environments.
• Exceptional communication skills—able to translate technical issues into clear insights for both technical and non-technical audiences.
Job Type: Full-time
Pay: $110,000.00 - $125,000.00 per year
Benefits:
• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance
Application Question(s):
• How many years of experience do you have working in a Security Operations Center (SOC), specifically handling Tier 3 or escalated incidents?
• Do you hold an active CISSP, GCIH, GCFA or CEH certification?
• Do you have experience working with SOAR platforms to automate incident response workflows?
• How many years of professional work experience do you have supporting large-scale IT-related projects?
• Do you have hands-on experience monitoring and securing cloud environments (e.g., Azure, AWS or Netskope CASB)?
• How many years of experience do you have working with SIEM platforms (e.g., Splunk, QRadar, LogRhythm)?
• Do you have experience using enterprise ticketing systems like ServiceNow to manage incidents?
• Are you legally authorized to work in the United States without sponsorship?
Work Location: In person