Senior Security Operations Analyst

Senior Security Operations Analyst

Alma is seeking a mission-driven Senior Security Operations Analyst to join our team.  We are dedicated to building and operating secure and compliant tools and services which help providers more easily manage and grow their practice. In this role, you will help us defend against cybersecurity incidents by identifying, analyzing, communicating and containing incidents as they occur. The ideal person for this role loves to research tactics, techniques and procedures (TTPs) leveraged by attackers and adversaries and works with other teams to mature Alma’s incident response program, defining standards, procedures and automating processes to uncover, resist and recover from security incidents.

What you’ll do:

• Defend against cybersecurity incidents and identify, analyze, communicate and contain incidents as they occur.

• Validate and maintain incident response plans and processes to address potential threats

• Conduct network monitoring, intrusion detection analysis, and log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources

• Deploy and manage cloud-centric detection to detect threats related to cloud environments and services used by the organization

• Work with the security information and event management (SIEM) system to correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) and identify patterns of anomalous activity

• Research emerging threats and vulnerabilities to aid in the identification of incidents

• Create runbooks for frequently occurring incidents and alerts to automate or assist with the resolution of those cases

• Provide users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary

Who you are:

• You have 4+ years of experience working in a similar role with web technologies and information security and at least 2 years working in a senior role

• You are self-motivated and capable of driving efforts to completion with minimal oversight while knowing when to ask for guidance and assistance as needed

• You have achieved Certified Information Systems Security Professional (CISSP) certification or other relevant certifications

• You have extensive experience managing incidents from detection to remediation including documenting findings, managing the response team and process, communicating updates, leading remediation efforts, and performing retrospectives for process improvement

• You have experience building and running incident response programs, including planning tabletop exercises, developing breach simulation scenarios, facilitating tabletop sessions with numerous stakeholders, and writing summary reports

• You have experience working with an incident management tool like OneTrust

• You deeply understand AWS security tools and processes in regards to monitoring, logging, and incident management

• You have multiple years of experience monitoring security systems that can scale, with high levels of automation.

• You have extensive experience deploying and tuning the Elastic security information and event management (SIEM) platform and Endpoint Detect and Response (EDR) tool or a similar product

• You have knowledge of tactics, techniques, and procedures leveraged by attackers and adversaries (e.g., MITRE ATT&CK)

• You have strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one

• You have strong communication skills and can convey complex technical topics to non-technical stakeholders clearly and concisely

• You have experience building short and long-term strategies for incident response and security operations teams

Benefits:

• We’re a remote-first company

• Health insurance plans through Aetna (medical and dental) and MetLife (vision), including FSA and HSA plans

• 401K plan (ADP)

• Monthly therapy and wellness stipends

• Monthly co-working space membership stipend

• Monthly work-from-home stipend

• Financial wellness benefits through Northstar

• Pet discount program through United Pet Care

• Financial perks and rewards through BenefitHub

• EAP access through Aetna

• One-time home office stipend to set up your home office

• Comprehensive parental leave plans

• 11 paid holidays, 1 Alma Mental Health Day, and 1 Alma Volunteering Day

• Flexible PTO 

Salary Band: $145,000 - $175,000 

Alma’s compensation philosophy is driven by our company value of building equity. To best ensure pay equity, we typically bring in new hires near the middle of our listed salary bands and we do not negotiate our compensation (i.e. all people hired at the same level & role are brought in at the same salary, equity, and benefits). The recruiter you work with can provide more details on our philosophy.

All Alma jobs are listed on our careers page. We do not use outside applications or automated text messaging in our recruiting process. We will not ask for any sensitive financial or identification information throughout the recruiting process. Any communication during the recruitment process, including interview requests or job offers, will come directly from a recruiting team member with a helloalma.com email address.