Logo-of-Bright-Data-hiring-for-jobs-in-US-on-GrabJobs

SecOps Analyst

Job Description - SecOps Analyst

We are looking for a highly analytical and action-oriented SecOps Analyst to join our SecOps Team. As we expand into a 24/7 operational model, you will be on the front lines of defending our corporate infrastructure, large-scale cloud environments, and core product network against advanced threats.

Our team operates a flat, highly automated structure. We leverage a modern Automation platform to handle the noise, meaning your time will be spent conducting deep-dive investigations, proactive threat hunting, and working directly with our Detection Engineering team to continuously improve our automated defenses.

  • Alert Triage & Deep Investigation: Serve as the primary investigator for high-fidelity security alerts escalated by our SOAR platform across our SIEM and application logging hubs.
  • Incident Response: Lead end-to-end investigations of suspected security incidents (e.g., compromised identities, malware, phishing, cloud anomalies, and API abuse), executing containment and remediation runbooks.
  • Proactive Threat Hunting: Design and execute threat hunting campaigns across our EDR, Identity, and AWS cloud logs to uncover sophisticated threats that bypass automated detections.
  • Application Security Monitoring: Monitor custom, proprietary application logs and web access traffic to detect and mitigate insider threats, tenant abuse, and unauthorized data scraping.
  • Phishing & User Defense: Manage the abuse mailbox, analyze suspicious emails, extract malicious payloads/URLs, and execute rapid takedowns.
  • Detection Tuning Loop: Partner directly with the Detection & Automation Engineer to identify False Positives, refine SIEM queries, and suggest logic improvements for automation playbooks.
  • On-Call Rotation: Participate in the rotating on-call schedule to provide escalation support for our NOC during critical off-hours incidents.
  • 2+ years of hands-on experience in a Security Operations Center (SOC), Incident Response, or Cyber Threat Intelligence role.
  • Strong experience querying and analyzing logs within enterprise SIEM platforms (Splunk preferred).
  • Deep understanding of common attack vectors, the MITRE ATT&CK framework, and enterprise security tools (EDR, Identity Providers, SASE/Firewalls).
  • Experience investigating suspicious emails, analyzing headers, and extracting IOCs.
  • Strong analytical and critical-thinking skills, with the ability to clearly articulate security risks to non-technical employees during an investigation.
  • Excellent written and verbal communication skills in English for technical documentation and incident reporting.

Advantage

  • Experience operating within a SOAR-driven environment (e.g., Torq, Tines, XSOAR, Splunk SOAR).
  • Experience querying high-volume application or observability logs (Logz.io, ElasticSearch, ELK).
  • Familiarity with investigating cloud-native threats (AWS CloudTrail, IAM anomalies).
  • Experience reading or writing basic scripts (Python, Bash) to assist in log parsing or automation.
  • Relevant certifications (e.g., GCIA, GCIH, CySA+, or equivalent).
Original job SecOps Analyst posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

Similar SecOps Analyst Jobs in the US

GrabJobs is the no1 job portal in the US, connecting you to thousands of jobs fast! Find the best jobs in the US, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.