Senior Security Operations Analyst

Smarsh is the leader in Communications Compliance, Archiving, and Analytics. We provide compliance across the broadest set of communications channels with insights on what’s being captured. Smarsh customers manage over 500 million daily conversations across 80 channels - and it’s still growing. Our customers include the top 10 U.S., top 8 European, top 5 Canadian, and top 3 Asian banks. At Smash, we’ve been helping our customers manage new forms of communication since 1998. We work closely with regulators including the SEC, FINRA, IIROC, PRA, FCA, and with our customers, to ensure that they understand the capabilities of today’s technology and that our platform meets their most stringent requirements. Job Description: The Senior Security Operations Analyst is an expert-level role in the Security Operations Center (SOC), responsible for handling the most complex and critical security incidents. This role involves advanced threat analysis, incident response, and proactive threat hunting. The Senior Security Operations Analyst also contributes to the strategic improvement of the organization's security posture. Roles and Responsibilities

• Threat Research - Research on new ATP's, Threats, identifying the new indicators of compromise (IOC's), Tactics, Techniques and Procedures (TTP's).
• Responsible for end-to-end security incident triage. Working with respective teams providing contextual information for security incident remediation.
• Recommend fine tuning and configuration changes to Security platforms which will improve the accuracy of detections and bring down the false positives
• Experience in creation and integration of playbooks and custom parsers for SOC tools
• Develop and maintain incident response play books and for continuous service improvements
• Analyse monthly Security reports from the platforms and vendors to identify trends and vulnerabilities within the infrastructure
• Conduct computer, network forensic investigation functions and malware analysis to determine the target
• Coordinate efforts with globally dispersed teams.
• Document decisions regarding technology choices, best practices and process.
• Contribute to architectural conversations and plans.
• Collaborate with engineers and development teams to integrate security practices into the CI/CD pipeline and automate security processes.
• Being on-call and providing after hours response.

• Subject matter expert in security audits and compliance assessments to ensure adherence to industry regulations (e.g., GDPR, HIPAA, SOC, ISO) and internal security requirements.
• Lead the creation of comprehensive security documentation and training materials for both technical and non-technical audiences.
• Lead collaborations with developers and engineers to simulate realistic cyber-attack scenarios aimed at identifying vulnerabilities in the applications and infrastructure.
• Provide the oversight of third-party Security Operations Center (SOC), and second-level incident investigation and triage.
• Mentor and guide junior security engineers, fostering their technical growth and professional development.
• Take lead to create documentation and training materials for Security Operations.

Desired skills & experience

• Professional degree in Computer Science from a reputed college with consistent academic record
• 6+ years of experience in cybersecurity, with significant time spent in security operations.
• Expert knowledge of advanced cyber threats, attack methodologies, and countermeasures.
• Proficiency in SIEM, IDS/IPS, forensic tools, and threat intelligence platforms.
• Hands-on experience in security systems, including EDR, firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
• Strong expertise in incident response, threat hunting, and malware analysis
• Ability to discuss and articulate Security Frameworks, Technologies and Best practises
• Support Security Analysts to provide additional subject matter expertise
• Proven Experience with SIEM, EDR, IDS/IPS and network forensic tools
• Experience in handling Security Events, Incidents, Breaches and Zero days
• Exhibit good judgement in managing workload, including when to communicate project risks.
• In-depth understanding of cybersecurity principles, practices, and methodologies.
• Familiarity with common cyber threats, attack vectors, and vulnerabilities.
• Experience securing cloud environments, such as AWS, Azure, or Google Cloud.
• Proficient with incident response procedures and best practices.
• Knowledge of cryptographic protocols and key management.
• Proficiency in scripting languages (e.g., Python, PowerShell) to automate security tasks.
• Dedication to staying updated with the latest security trends, tools, and techniques.
• Proficiency in creating clear and comprehensive security documentation, reports, and procedures.
• Familiarity with relevant regulations (GDPR, HIPAA, etc.) and industry standards (ISO 27001, NIST).
• Excellent verbal and written English skills to collaborate with cross-functional teams and convey security concepts to non-technical stakeholders.
• Experience with common security tools, such as Burp/ZAP, Nessus, Kali Linux, etc.
• Experience with Threat Modelling and Vulnerability Management Tools
• Security certifications such as GCIH, GCIA, CASP or GCFA.

Why Smarsh? Smarsh hires lifelong learners with a passion for innovating with purpose, humility and humour. Collaboration is at the heart of everything we do. We work closely with the most popular communications platforms and the world’s leading cloud infrastructure platforms. We use the latest in AI/ML technology to help our customers break new ground at scale. We are a global organization that values diversity, and we believe that providing opportunities for everyone to be their authentic self is key to our success. Smarsh leadership, culture, and commitment to developing our people have all garnered Comparably.com Best Places to Work Awards. Come join us and find out what the best work of your career looks like.