Security Operations Analyst

Company: Unqork

Location: Remote-First Community

About Unqork:
Unqork empowers enterprises to accelerate growth by rapidly building, testing, and running AI-powered applications. Trusted by the world's largest organizations in highly regulated industries, Unqork applications reduce technical debt and enhance security over time. Our customers include Goldman Sachs, Marsh, BlackRock, and the U.S. Department of Health and Human Services.

About the Role:
As a Security Operations Analyst, you will be an analytical individual contributor reporting to the Director of Security Operations. You will play a key role in Threat Detection & Response, Threat Intelligence and Hunting, Technical Security Architecture, IT Operations, and SIEM/SOAR engineering. Your primary focus is to proactively and reactively protect and defend critical assets against an evolving threat landscape.

The Impact You Will Make:

• Security Monitoring & Alert Triage: Monitor SIEM, EDR/XDR, and other security tools to detect, analyze, and triage security alerts, following playbooks for initial response.
• Process Efficiency & Automation: Utilize SOAR platforms to handle alerts efficiently and identify opportunities for automation.
• SIEM & Detection Engineering: Integrate and set up log source ingestion into SIEM tools, normalize fields, and create monitoring solutions based on threat intelligence. Maintain detection rules and log lifecycles.
• Threat Intelligence: Consume threat intelligence feeds and advisories to protect against known IoCs and emerging threat trends.
• IT Operations & Asset Security: Work with IT Operations to maintain asset inventories and assist in deploying endpoint security agents.
• Cross-Functional Technical Partnership: Collaborate with Engineering, Product, and IT to embed operational security requirements, influence architectural decisions, and foster a strong security culture.
• Compliance & Operational Reporting: Assist in generating security metrics and operational reports, and gather technical evidence for compliance audits.

What You Bring:

• 3+ years of progressive experience in Security Operations, with at least 2 years in a SOC, MDR, or Incident Response team.
• Proven track record as an engineer, having designed, implemented, and managed mature SOC processes and automations.
• Hands-on Python experience.
• Hands-on technical expertise in threat detection, incident response, vulnerability management, and the use of SIEM, EDR/XDR, other security monitoring platforms, and IAM solutions.
• Strong understanding of modern security threats, attack vectors, and defensive strategies.
• Expertise in security frameworks (e.g., NIST, MITRE ATT&CK) and their application.
• Exceptional communication and interpersonal skills, with the ability to influence and collaborate with technical and non-technical stakeholders.
• Demonstrated ability to translate complex security incidents and risks into clear, actionable strategies.
• Relevant industry certifications highly preferred (e.g., CISSP, CISM, GCIH, GCIA, OSCP).
• Bachelor’s degree in Computer Science, Information Security, or a related technical field; Master’s degree a plus.

Compensation & Hiring Ranges:

• Tier 1 (NY Metro, Seattle Metro, SF Bay Area): $80,000 - $100,000
• Tier 2 (All other US/Territory locations): $70,000 - $90,000
• Compensation is market-driven and depends on factors like location, role, skillset, experience, and peer salaries.
• May be eligible for target incentive and company equity (stock options).

Benefits & Perks:

• Work from home with a remote-first community.
• Unlimited PTO (with encouragement to use it).
• Student loan payback program.
• 100% employer-covered medical, dental, and vision options for you and dependents.
• Flexible Spending Account (FSA).
• Monthly stipend for WFH setup, vacation, development, and more.
• Employer-sponsored 401(k) with contribution match.
• Subsidized ClassPass Membership.
• Generous Paid Parental Leave.