Cyber Security Analyst I

About Us

At Finance of America we help homeowners unlock the joy that comes from realizing the full potential of their retirement. Many people have significant wealth tied up in their homes and want to use it meaningfully in their next chapter. Our uniquerange of reverse mortgages allow homeowners 55 to access that wealth while maintaining control over their home and financial future. With options tailored to their unique goals we provide the financial flexibility they need to move forward with confidence.

Finance of America is guided by five values: We are customer obsessed they are why we exist. We raise the bar. We take extreme ownership. We practice genuine collaboration. And we unleash our excellence. Together we are actualizing our vision to be the most beloved brand for homeowners in their next chapter.

To learn more about us visit

Purpose of Role

Responsible for the monitoring and triage of security alerts performing initial investigation documentation and escalation following Security Operations Center procedures. Provides frontline defense ensuring timely identification of threats across Finance of Americas systems and network.

Key Responsibilities and Expectations

• Monitors security alerts and events across Azure/M365 CrowdStrike Falcon Elastic/Kibana and other enterprise security platforms.
• Performs initial triage classification and escalation of security events based on established runbooks and Service Level Agreements (SLA).
• Analyzes phishing emails Endpoint Detection and Response (EDR) alerts and other security tools data as necessary to respond to security events.
• Utilizes organizational Security Information and Event Management EDR and Cloud platforms to perform routine threat hunts to identify and protect Finance of America systems networks and users.
• Documents all investigative steps clearly and consistently within JIRA including timelines findings and recommendations.
• Maintains awareness of current threats attack techniques and organizational security policies.
• Provides timely communication to senior analysts regarding suspicious activity potential incidents and operational risks.
• Follows SOC procedures for incident response containment actions and enhanced monitoring tasks.
• Participates in shift turnover briefings contributes to daily operational reporting and ensures accurate case hand-off.
• Supports continuous improvement of SOC workflows by identifying false positives noise reduction opportunities and detection logic gaps.
• Protects sensitive information and maintains strict confidentiality in all SOC work.
• Performs other duties as assigned.

Reports To

• Director Security Operations

Qualifications - Experience/Skills/Competencies

• Knowledge of security event triage threat indicators and common attack techniques (MITRE ATT&CK familiarity preferred).
• Foundational understanding of networking operating systems and security principles.
• Exposure to or strong interest in: Azure/M365 Security (Entra ID sign-ins Defender alerts Audit Logs Conditional Access) CrowdStrike Falcon (detections host overview process trees investigations) Elastic / Kibana (search queries dashboards lenses detection alerts) JIRA (ticket management documentation workflow transitions).
• Ability to read and interpret logs from endpoints cloud systems email security tools and authentication platforms.
• Basic understanding of Windows and Linux system behaviors processes and common administrative commands.
• Familiarity with phishing indicators malware behaviors user account anomalies and suspicious network activity.
• Ability to research new technologies techniques tactics and incorporate that information into analytical processes.
• Strong analytical thinking and problem-solving skills including ability to follow playbooks accurately.
• Ability to work in a fast-paced 24/7 SOC environment with shifting priorities and time-sensitive responses.
• Clear written communication for documenting investigations and summarizing findings.
• High attention to detail and disciplined adherence to procedures and evidence-handling standards.
• Willingness to learn new tools techniques and detection methods including shadowing senior analysts and participating in training.
• Ability to work collaboratively with IT security engineering incident response and management teams.
• Ability to multitask work on multiple events and communicate with other team members virtually.
• Ability to take initiative work autonomously and complete tickets as prioritized.

Qualifications - Education - Required

• Bachelors Degree or comparable qualifications

Qualifications - Education - Field(s)/Profession(s)

• Cybersecurity Information Technology Computer Science or related field.

Compensation

The base salary range for this position is inclusive of all geographical differences in the labor market. The base salary for the position will be determined based on factors such as the candidates work location skills education and addition to those factors we believe in the importance of pay equity and consider the internal equity of our current team members in determining any final offer. We offer a competitive benefits package including health dental vision life insurance paid time-off benefits flexible spending account 401(k) with employer match and ESPP.

Additional Information

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

Finance of America is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color sex (including pregnancy) sexual orientation religion creed age national origin physical or mental disability gender identity and/or expression marital status veteran status or other characteristics protected by law.

Required Experience:

IC