Threat Analyst | Remote, USA

Be among the first 25 applicants

Lensa is a U.S. career site that helps job seekers discover job opportunities. We are not a staffing firm or agency. We promote jobs on behalf of our clients, which include employers, recruitment agencies, and marketing partners.

The Threat Analyst will provide security alert monitoring and detection utilizing customer-provided data sources, audit, and monitoring tools. This role will require evening hours as part of our 24/7/365 Security Operations Center schedule. A Threat Analyst must be flexible and adaptable. The Threat Analyst will work closely with our Senior Threat Analyst to service customers through our Managed Detection and Response offering.

• Document and report on potential security incidents identified in customer environments, including timelines of events.
• Provide triage, analysis, and escalation on security technologies such as SIEM, EDR, and UEBA platforms from various log sources.
• Coordinate security events requiring urgent response, containment, and remediation.
• Maintain understanding of security threats, vulnerabilities, and exploits impacting systems and networks.
• Perform knowledge transfers, document issues, and assist in threat mitigation for clients.
• Provide ongoing security recommendations to customers.
• Research current threats and attack vectors.
• Utilize SOPs and knowledge bases.

• 2-3+ years of professional experience in Information Security.
• Experience investigating and troubleshooting enterprise networks and systems in a SOC, MSS, or similar environment.
• Excellent time management, reporting, communication, and prioritization skills.
• Data analysis experience using SIEM, database tools, SOAR, and reporting systems.
• Experience with SIEM/EDR/UEBA platforms (preferred: QRadar, LogRhythm, Splunk, Exabeam, Sentinel, Crowdstrike, Defender for Endpoint).
• Ability to generate detailed reports and recommendations.
• Strong written communication skills.
• Experience as a point of escalation in technical environments.
• Customer interaction experience.
• Knowledge of enterprise Windows security, Active Directory, and mitigation controls.
• Ability to identify false positives and tune security systems.
• Understanding malware root causes and mitigation strategies.
• Familiarity with web-based exploit kits, APTs, and data exfiltration techniques.
• Knowledge of vulnerability scoring (CVSS) and assessment tools.
• Basic understanding of security architectures and devices.
• Ability to troubleshoot technical issues and ask probing questions.

• Commitment to Diversity, Equity, and Inclusion.
• Work/life balance and professional development resources.
• Opportunity to work remotely where applicable.

Optiv is an equal opportunity employer. We consider all qualified applicants without regard to protected characteristics. We respect your privacy; see our Privacy Notice.

Questions? Contact support@lensa.com