Senior Security Analyst

As a Senior Security Analyst, you’ll be part of a team of analysts and engineers with detecting and responding to security events across Anaplan. This is a key position with the Cyber Defense team, and you will be instrumental in helping mature Anaplan’s ability to manage cyber incidents effectively and efficiently.

• Conduct log analysis across a diverse ecosystem of technology to locate the root cause of incidents.
• Lead alert investigations and incident response activities, including incident communication and multi-functional collaboration.
• Function as a technical escalation point for MSSP and/or MDR partners.
• Draft, maintain, and communicate incident reports for technical and non-technical audiences.
• Lead incident retrospectives and contribute to improvements in the overall security posture of Anaplan.
• Develop, mature, and test incident response processes.
• Proactively seek threats to identify new risk areas and gaps in coverage or tooling.
• Contribute to the ongoing development of use cases and automation playbooks.
• Use team metrics to drive continuous improvement activities, projects, and team efficiency.
• Establish relationships with key partners across Anaplan that can improve our security practices and response capabilities.
• Maintain on-call availability to support after-hours coverage.

• 5+ years of experience as an incident responder or forensic analyst working within a global SOC.
• Bachelor's Degree in computer science or information technology or a related field such as engineering, security, or STEM
• Experience leading investigations into large, complex incidents.
• Experience communicating complex and technical issues to diverse audiences.
• Experience working on security investigations in cloud services.
• Good knowledge of the kill-chain model, ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework, and modern red team tactics and techniques.
• Familiarity with one or more programming/scripting languages (e.g., Python, PowerShell).
• Foundational knowledge in software engineering and/or cloud technologies including cloud services, hardware, networking, architecture, protocols, file systems, and operating systems.
• Understanding of various attack vectors, threat tactics, and attacker techniques ranging from APTs, Malware, DDoS, Exploits, etc.
• Familiarity with various attack and detection frameworks like MITRE, Diamond Model, etc.
• Certifications including, but not limited to, any of the following: GCIH, GCFA, GCIA, GSEC, GIAC, Security+, etc. are a plus.
• Ability to work effectively in ambiguous situations and manage change.
• Experience working with remote, globally distributed teams.

#LI-Remote

#LI-SP1