Senior Security Analyst - SIEM & EDR (Remote)

About the Role

We are seeking a Senior Security Analyst - SIEM & EDR to join our dynamic team in a fully remote capacity. As a Senior Security Analyst, you will play a crucial role in enhancing our cybersecurity posture by taking ownership of the configuration, tuning, and ongoing maturity of our SIEM and EDR environments. This is not just a monitoring role; we need a hands-on expert who can build and optimize our security tools to effectively combat threats.

What You'll Do

• Own the deployment, configuration, and ongoing tuning of the SIEM across the environment.
• Build and refine detection rules, correlation searches, and alerting logic that surface real threats.
• Normalize and enrich log sources to improve signal quality and reduce analyst fatigue.
• Define and maintain dashboards, reports, and KPIs tied to detection coverage and MTTD/MTTR.
• Lead the configuration and rollout of a cutting-edge EDR across 10,000 endpoints.
• Tune prevention and detection policies to balance protection with operational impact.
• Build response workflows and automated containment actions for common threat scenarios.
• Translate threat intelligence and real-world incidents into actionable detection content.
• Develop and maintain runbooks, triage workflows, and escalation procedures.
• Partner with IT, infrastructure, and application teams to close telemetry gaps.
• Drive post-incident reviews and feed findings back into detection improvements.
• Track and report on detection coverage, alert fidelity, and response times.
• Align detection strategy with frameworks like MITRE ATT&CK and NIST CSF.
• Participate in purple-team exercises, tabletops, and detection validation testing.

Requirements

• 7+ years in security operations, detection engineering, or incident response, ideally in an enterprise environment.
• Hands-on experience configuring and tuning SIEMs.
• Hands-on experience deploying and managing EDR systems.
• Strong understanding of log architecture, telemetry design, and detection logic.
• Familiarity with MITRE ATT&CK and at least one structured detection/response framework.
• Comfortable scripting or automating in Python, PowerShell, or similar.

Nice to Have

• Experience standing up a SIEM or EDR platform from scratch, not just inheriting one.
• Exposure to SOAR platforms or automated response tooling.
• Background in cloud-native environments (AWS, Azure, or GCP).
• At least 2 industry certs: CISSP, Security+, CCSP, GREM, GMON, GCIA, GCIH, GCED, Splunk Core/Power User, CrowdStrike CCFA/CCFR or similar.

What We Offer

• Competitive salary ranging from $130,000 to $160,000 annually.
• Fully remote work environment, allowing for flexibility and work-life balance.
• Opportunities for professional development and continuous learning.
• Engagement with cutting-edge cybersecurity technologies.
• Collaborative and innovative team culture.