Cyber Defense Senior Analyst

About the Role

This role operates on a 10x4 Wednesday - Saturday weekly schedule as part of Experian's 24x7 global monitoring function. As a Cyber Defense Senior Analyst, you will be a key member of the frontline team providing security operations and monitoring for cybersecurity events impacting Experian, reporting to the Director of Cyber Defense Security Operations within the Cyber Fusion Center (CFC).

Your Opportunity

• Execute daily security operations, including monitoring, triaging, and responding to security events and alerts.
• Analyze events using security tooling (SIEM, EDR) and assess the risk/severity of cyber threats, escalating as per established processes.
• Collaborate with external teams for incident resolution and escalations.
• Notify team Leads of operational concerns and support their resolution.
• Manage assigned caseload throughout the incident response lifecycle, maintaining quality standards.
• Maintain comprehensive case documentation, including notes, analysis findings, and containment steps.
• Perform incident updates, contact end-users promptly, and complete case hand-off processes.
• Apply subject matter expertise to improve playbooks, SOPs, and training materials.
• Assist Leads and management with use case development to enhance security posture.
• Participate in paid overtime when operational needs arise.

Qualifications

• 3+ years of information security experience in a Security Operations Center (SOC) or Cyber Security Incident Response Team (CSIRT).
• Bachelor's Degree in a relevant field (Computer Science, Engineering, Information Systems, Information Security) or 6+ years of equivalent experience (SOC, IR, law enforcement, military).
• Working knowledge of the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks.
• Demonstrated knowledge of common intrusion methods, cyber-attack TTPs, and investigation/response techniques.
• Proficiency in determining containment, eradication, and recovery methods for security incidents and providing recommendations for prevention.
• Understanding of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies), Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, IDS).
• Ability to review and interpret logs from various sources (Firewalls, Proxies, Servers, Splunk, Packet Captures) to identify root cause.
• Experience with SIEM (e.g., Qradar, Splunk) and EDR (e.g., FireEye HX, CrowdStrike Falcon) applications; SOAR experience is a plus.
• Continuous learning in advanced cybersecurity areas (cloud security, incident response, threat detection, forensics, SIEM, malware analysis, scripting/automation).
• One or more relevant certifications highly preferred (GCIH, GMON, GCED, GSOC, CEH, GCFE, GCFA, CFCE, ENCE).
• Bonus: CISSP, CISM certifications.

Additional Information

• Benefits/Perks: Great compensation package and bonus plan, medical, dental, vision, matching 401K, flexible work environment (remote, hybrid, in-office), flexible time off (volunteer time off, vacation, sick, 12 holidays).
• Experian fosters a people-first culture focused on inclusion, authenticity, work/life balance, development, wellness, collaboration, and recognition.
• Compensation reflects geographic markets and includes base pay, variable pay opportunity.
• Equal Opportunity Employer.
• This is a remote position.