Security Operations Analyst

We are seeking an experienced Security Operations Analyst reporting directly to the Head of IT and Security. This position will be responsible for managing, triaging and investigating security alerts and notifications in our existing security tool stack. 

As a Security Operations Analyst, you’ll get to:

• Monitor security tools, dashboards, and alerts (e.g., SIEM, EDR, IDS/IPS, firewalls) to identify suspicious activity.
• Investigate security incidents and escalations, perform root cause analysis, and coordinate response efforts.
• Work with CX and Account Managers on customer abuse cases and remediation.
• Triage alerts and determine their severity, scope, and impact; escalate as appropriate.
• Collect and preserve evidence for forensic analysis, reporting, and compliance.
• Collaborate with IT, security engineers, and other business units to contain and remediate threats.
• Support vulnerability management efforts by correlating vulnerability data with threat intelligence.
• Maintain and improve playbooks, runbooks, and incident response processes.
• Participate in threat hunting, red/blue team exercises, and tabletop drills.
• Stay up to date with the latest cybersecurity trends, threat actors, and attack techniques.
• Document incidents, findings, and lessons learned in a timely and accurate manner.

You’ll be a good fit if you have:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field—or equivalent work experience.
• 3–5 years + of experience in a security operations, incident response, or cybersecurity analyst role.
• Familiarity with SOC environments and 24/7 monitoring models (preferred for larger organizations).
• Experience with SIEM tools (e.g., Splunk, Rapid7, SumoLogic).
• Familiarity with Mac endpoint protection platforms (e.g., Jamf, Kandji, Crowdstrike).
• Understanding of networking, operating systems, cloud platforms (AWS), and security architecture.
  Knowledge of common attack vectors, malware, phishing, and TTPs (MITRE ATT&CK framework).
• Experience writing or maintaining incident response documentation or procedures.
• Strong analytical, problem-solving, and troubleshooting skills.
• Ability to work well under pressure during high-stakes incidents.
• Excellent written and verbal communication skills.
• Team-oriented with a proactive and detail-focused mindset.

Nice to Have / Preferred Certifications: 

• CompTIA Security+, CySA+, or Network+ 
• GIAC (GCIH, GCIA, GCFA).
• Certified Ethical Hacker (CEH).
• AWS security certifications.
• Other relevant vendor-specific or incident response credentials.

For this role, we're looking for candidates in the Denver metropolitan area for a remote position. We plan to grow our team and presence in Denver over time. This role does not qualify for relocation or visa sponsorship. Applications for this position will be open until Monday, August 25th. 

In accordance with applicable law, the following represents a reasonable estimated compensation range for this role: the estimated pay range for this role, if based in Colorado is $105,000 - $129,000.

Please note that this information is provided for those hired in Colorado only. Compensation for candidates outside of Colorado will be based on the candidate’s specific work location. 

Actual compensation will be determined based on skills, experience, and geographic location and may be more or less than the amount shown above.