Security Analyst - Tier 3

7AI is on a mission to put swarming AI agents in the hands of defenders to offload non-human work, shift people up, and finally focus on achieving the security outcomes that teams have been searching for. We are seeking curious, detail-oriented, technical experts who thrive on solving complex, high-stakes puzzles and are deeply customer-obsessed to continue our mission of building the world’s first Agentic Security Platform.

As a Tier 3 Security Analyst at 7AI, you will serve as the technical leader and point of escalation for junior analysts who are analyzing and triaging 7AI Agents’ investigations, identifying correct execution, and reducing risk for customers. You will retrospectively prove the maliciousness of threats that were stopped to help customers understand the gravity at which our service is working for them. You will help architect scalable processes to build high-functioning systems, while remaining resilient and vigilant in the face of adversarial threats. You will use your expertise of various data sources to perform investigations ad hoc, pulling data to support incident investigation as they are happening, and hunt for malicious activity in customer environments.

What You’ll Do:

• Analyze and validate investigations completed by the AI Agents for accuracy and completeness, evaluating risk

• Lead and mentor junior analysts and serve as the technical expert and key escalation point for investigations

• Correlate data from various data sources including cloud, endpoint, identity, network, etc. to understand that full picture of a malicious activity

• Investigate malicious activity that the 7AI Agents responded to and understand the complexity of the attack that was stopped including the risk that was prevented for customers

• Use our advanced AI Agents to hunt in customer environments to detect and remediate emerging threats, ultimately contributing to detections that will be folded back into the product

• Assist customers with ongoing threat monitoring, triage, and prioritization of security alerts as needed but especially during incidents to resolve threats and secure the environment

• Proactively identify potential threats and anomalies in customer environments by reviewing logs and malicious findings

• Utilize your supreme communication skills to engage with customers who vary in their level of technical depth and focus (from SOC analysts to CISOs)

• Architect processes while we build out this elite organization to scale the operation sustainably while maintaining consistent quality

• Collaborate with the Sales, Engineering, and Product teams, providing feedback on the customer experience and assist in optimizing and tuning the AI platform

• Stay current with emerging cybersecurity trends, vulnerabilities, and new attack techniques, especially the field of AI-driven attacks

Required Qualifications:

• 5+ years of experience in cyber security operations

• Hands-on experience with investigating alerts and across multiple sources (endpoint, network, identity, email, cloud, etc.)

• Strong understanding of security monitoring tools (XDR, SIEM, IDS/IPS, IDP, etc.)

• Familiarity with log \ telemetry concepts

• Experience analyzing and investigating security alerts from multiple sources, including intrusion detection systems, network monitoring tools, and endpoint protection platforms

• Strong knowledge of common attack techniques and frameworks (MITRE ATT&CK) and incident triage methodologies

• Strong analytical and problem-solving skills, with the ability to verify AI-driven analysis and make independent security decisions

• Data querying experience with SIEM querying technologies (SPL, KQL, FQL, SQL, etc) and familiarity with log / telemetry concepts

• Strong knowledge with Malware Analysis methods

• Great interpersonal skills with a service oriented mindset

• Proven track record of successfully collaborating in a team, including mentorship skills and ability to teach complex concepts

Preferred qualifications:

• Prior experience in a Managed Services environment

• Incident Handling experience

• Relevant certifications: Security+, GSEC, GCIH