Job Description
Join a global security operations function that protects critical applications, infrastructure and enterprise security tooling. Our Security Operations team combines ITIL-driven process discipline with hands-on technical troubleshooting to detect, contain and remediate security risks across identity, endpoint, network and cloud platforms. As threats evolve and new technologies emerge, we’re the first line of defense—stabilizing operations and enabling secure business outcomes.
Role purpose
We’re looking for a reliable, technically curious 24x7 Security Operations Analyst to deliver consistent, high-quality platform support across all shifts. You’ll independently triage standard alerts and service requests, coordinate with engineering and operations teams, and help keep security tools healthy and available. This role requires sound judgment, good communication, and a drive to improve runbooks and operational playbooks over time.
What you’ll do (key responsibilities):
Manage IT security platforms and ensure tools remain operational with minimal downtime
Independently triage and resolve standard L1 alerts and service requests; perform solid initial investigations before escalation
Act as the security liaison for Engineering and Operations and collaborate with underpinning service teams and external partners
Support ITRMS use-case development, maintain the roadmap, catalogue and backlog
Ensure alignment with platform governance, SDLC and ITIL processes
Monitor product usage and performance; identify and track recurring issues and propose runbook improvements
Correlate security incidents, events, service requests and work orders to determine business impact when possible
Contain and resolve incidents, or collect evidence and context for escalation, following approved prioritization processes
Use ServiceNow and other reporting tools to manage cases, SLAs and lifecycle workflows
Handle agent/sensor/scanning and ingestion issues at L1 and escalate appropriately with context and evidence
Contribute to shift coordination and operational continuity; mentor and guide junior analysts during shifts
Vendors and platforms — good to have:
McAfee / Trellix: ePO, HIPS, ENS, VSE, Solidcore
CrowdStrike (Falcon)
Microsoft Security Suite, primarily Microsoft Defender
Cylance
Cisco FireAMP
Zscaler
Splunk
What we’re looking for (qualifications):
Solid understanding of security operations workflows and incident handling
Knowledge of endpoint and network security concepts and tooling
Familiarity with ServiceNow and the ITIL framework; experience with security product governance is a plus
Experience with one or more of the vendors/platforms listed above is highly desirable
Ability to correlate signals across platforms and perform independent problem analysis to identify root causes
Strong written and verbal English communication; able to explain technical issues to diverse audiences clearly and authoritatively
Comfortable working under pressure, with professional presence and sound prioritization skills
Team-focused, adaptable, self-motivated and energetic; able to work effectively with diverse stakeholders
Familiarity with regulatory considerations (e.g., PCI, GDPR) is desirable
Education: BS in Information Security, Computer Science, Engineering or equivalent experience