Security Analyst SOC experience

Shift is the leading AI platform for insurance. Shift combines generative agentic and predictive AI to transform underwriting claims and fraud and risk - driving operational efficiency exceptional customer experiences and measurable business impact. Trusted by the worlds leading insurers Shift delivers AI when and where it matters most at scale and with proven results.

Our culture is built on innovation trust and a drive to transform the insurance industry through our SaaS platform. We come from more than 50 different countries and cultures and together we are creating the future of insurance.

The security team is a critical component of Shift Technology as no organization is immune to cyber-crime. The team is responsible for protecting information throughout the security infrastructure edge devices networks and data. We strive to stay up to date with the latest tactics hackers are employing in the field in order to prevent data breaches by monitoring and reacting to attacks but the first step is finding the most qualified professionals to lead the way.

DESCRIPTION

As a Security Analyst you will be a hands-on defender of Shifts digital environment. This is a hybrid role that combines real-time security operations (SecOps) with proactive infrastructure and application security. You will not only monitor for and respond to threats but also help develop and automate the detections playbooks and responses that mature our security posture and validate the effectiveness of our security controls.

RESPONSIBILITIES

Threat Detection Monitoring and Response Engineering

• Monitor security alerts from a variety of sources (SIEM EDR Cloud Security tools) to identify triage and investigate potential threats.
• Contribute to the development tuning and maintenance of detection rules and analytics in the SIEM to improve threat visibility and reduce false positives.
• Analyze security logs and data to identify anomalous or malicious activity.
• Utilize automated response actions within our security tooling (SOAR) to handle common threats efficiently and assist in identifying new opportunities for automation.

Incident Response

• Develop and maintain incident response playbooks and procedures to ensure a consistent and effective response to security events.
• First responder for security incidents executing initial analysis and containment procedures based on established playbooks.
• Support incident response activities including investigation evidence gathering and communication with stakeholders.

Security Assurance & Control Testing

• Perform regular security assurance tasks such as user access and configuration reviews.
• Assist with the third-party risk management process by supporting technical security assessments of vendors and services.

Collaboration & Improvement

• Produce reports on security incidents and control test results and collaborate with engineering teams on remediation efforts.
• Proactively identify potential security problems and work with partner teams to implement solutions.
• Support the CISO and the department in regular security operations and control monitoring activities.

SKILLS & BACKGROUND

Experience & Education

• 4 years of experience in Security Operations (SOC) Incident Response or a similar hands-on security role.
• Bachelors Degree in a relevant field or equivalent work experience.

Hands-On Technical Skills

• Hands-on experience with a SIEM platform (e.g. Azure Sentinel Splunk) for detection engineering log analysis threat hunting and triage. Familiarity with detection logic.
• Experience with Endpoint Detection & Response (EDR) tools (e.g. Palo Alto Cortex XDR CrowdStrike Microsoft Defender for Endpoint).
• Familiarity with network security technologies (Firewalls IDS/IPS WAFs) and vulnerability assessment tools (e.g. Tenable Qualys).
• Proficient search logic and query skills (e.g. KQL Splunk SPL) and familiarity with scripting languages (e.g. PowerShell Python) for automation and analysis.
• Experience using SOAR platforms to investigate and respond to incidents.

Knowledge & Frameworks

• Familiarity with security frameworks particularly MITRE ATT&CK.
• Understanding of compliance and privacy frameworks for context (e.g. ISO 27001 SOC 2 NIST CSF HIPAA GDPR).
• Broad understanding of core information security technologies and concepts.

Core Competencies

• A strong analytical and investigative mindset with high attention to detail.
• Excellent communication skills with the ability to clearly articulate technical findings.
• A collaborative team player who can work effectively with technical and non-technical stakeholders.
• The ability to remain calm and methodical under pressure especially during incident response.

Recruitment Process

• TA Interview
• Security team interview
• Technical interview
• CISO interview
• CTO interview

To support our permanent full time employees at every stage of their careers and lives we provide a competitive total rewards and benefits package. Here are the global benefits wed like to highlight:

• Flexible remote and hybrid working options
• Competitive Salary and a variable component tied to personal and company performance
• Company equity
• Multiple Learning and Development opportunities including Focus Fridays a half-day each month to focus on learning and personal growth
• Generous PTO and paid holidays
• Mental health benefits
• 2 MAD Days per year (Make A Difference Days for paid volunteering)

Additional benefits may be offered by country - ask your recruiter for more information. Intern and Apprentice position are eligible for some of these benefits - ask your recruiter for more details.

At Shift we strive to be a diverse and inclusive workforce. We welcome applications from and hire people who will contribute to the diversity of our companywithout regard to race color religion marital status age national or ethnic origin physical or mental disability medical condition pregnancy genetic information gender identity or expression sexual orientation or other non-merit criteria.

Shift Technology is committed to providing reasonable accommodations for qualified individuals with disabilities in our application and employment process. Should you require accommodation please email and we will work with you to meet your accessibility needs.

Please be aware of scammers and only trust correspondence that comes from emails ending in . We will never do initial outreach to you via Whatsapp/Text/SMS never ask for banking information or personal identification numbers (ex. Social Security Number) as part of our recruitment process.

Shift Technology does not accept unsolicited CVs from recruiters or employment agencies in response to the Shift Technology Careers page or a Shift Technology social media post. Any unsolicited CVs including those submitted directly to hiring managers are deemed to be the property of Shift Technology.