Senior Cyber Defense Analyst

Abnormal


Job Location:

San Francisco, CA - USA

Monthly Salary: Not Disclosed
Posted on: 23 hours ago
Vacancies: 1 Vacancy

Job Summary

About the Role

We at Abnormal AI are looking for a hands-on Security Operations / Cyber Defense Analyst who thrives in a fast-paced, engineering-driven environment. You'll be responsible for monitoring, investigating, and responding to security alerts across the cloud, endpoint, identity, and application layers. You'll work closely with detection engineers, cloud security, and IT teams to protect our hybrid environment from threats in real time.

This is not a click-through-the-console SOC role; we're looking for someone who can think critically, automate relentlessly, and own incidents end-to-end.

Key Responsibilities

  • Detection & Triage:

    • Monitor alerts from tools such as SIEM, EDR, IAM, CSPM, and CDR.

    • Perform initial triage, enrichment, and correlation across multiple data sources.

    • Identify false positives and fine-tune rules with detection engineering.

  • Incident Response:

    • Lead containment, eradication, and recovery for endpoint, cloud, and identity incidents.

    • Document and communicate incidents through SOAR/Jira/ServiceNow workflows.

    • Perform root cause analysis and propose permanent preventive controls.

  • Threat Hunting & Analysis:

    • Proactively hunt using hypotheses mapped to MITRE ATT&CK.

    • Investigate anomalies across CloudTrail, Okta, GitHub, and other telemetry sources.

    • Collaborate with threat intelligence to identify emerging TTPs.

  • Automation & Process Improvement:

    • Build or enhance playbooks in SOAR (Torq or equivalent).

    • Create custom enrichment scripts and automations (Python, Bash, etc.).

    • Suggest new detection logic and operational improvements.

  • Reporting & Metrics:

    • Track and report operational metrics (MTTD, MTTR, incident categories).

    • Maintain documentation and lessons learned.

Required Skills & Qualifications

  • 5-7 years of hands-on SOC or incident response experience in a cloud-first or hybrid environment.

  • Strong understanding of the attacker lifecycle, MITRE ATT&CK, and threat actor TTPs.

  • Experience with EDR (CrowdStrike preferred), SIEM (Splunk preferred), and SOAR (Torq, XSOAR, or Phantom).

  • Familiarity with AWS, Okta, and SaaS platforms.

  • Proficiency in writing queries and automations using Python, SPL, or equivalent.

  • Excellent analytical and investigative skills, capable of operating independently with minimal hand-holding.

  • Strong documentation and communication skills for technical and executive audiences.

Nice to Have

  • Experience with CSPM/CDR/VM tools.

  • Knowledge of Containers and Kubernetes security.

  • Relevant certifications such as CEH, Security+, GCIH, GCIA, or AWS Security Specialty.

What Success Looks Like

  • You consistently deliver high-quality triage with minimal false positives.

  • You automate repetitive tasks instead of manually doing them twice.

  • You can take a vague alert and turn it into a well-documented case with actionable findings.

  • You make measurable improvements to detection coverage, response time, or tooling maturity.

Required Experience:

Senior IC

Key Skills

  • Splunk
  • IDS
  • Microsoft Access
  • SQL
  • Cybersecurity
  • Intelligence Experience
  • Malware Analysis
  • Tableau
  • Analysis Skills
  • SAS
  • Data Analysis Skills
  • Analytics

About Company

Advanced email protection to prevent credential phishing, business email compromise, account takeover, and more.
