Listing Description

Senior Security Operations Analyst

Alma is seeking a mission-driven Senior Security Operations Analyst to join our team.  We are dedicated to building and operating secure and compliant tools and services which help providers more easily manage and grow their practice. In this role, you will help us defend against cybersecurity incidents by identifying, analyzing, communicating and containing incidents as they occur.

The ideal person for this role loves to research tactics, techniques and procedures (TTPs) leveraged by attackers and adversaries and work with other teams to define standards, procedures and automated processes to uncover, resist and recover from security incidents.

What you’ll do:

• Defends against cybersecurity incidents and identifies, analyzes, communicates and contains incidents as they occur.


• Conducts network monitoring, intrusion detection analysis, log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources


• Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization


• Works with security information and event management (SIEM) to correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) and identify patterns of anomalous activity


• Researches emerging threats and vulnerabilities to aid in the identification of incidents


• Creates runbooks for frequently occurring incidents to automate or at least assist with the resolution of those cases


• Provides users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary


• Validates and maintains incident response plans and processes to address potential threats

Who you are:

• You have 4+ years of experience working in a similar role with web technologies and information security.


• Certified Information Systems Security Professional (CISSP) and/or Global Information Assurance Certification (GIAC)


• You strongly understand AWS security , with an ability to build automated processes that can scale


• You have experience monitoring security systems that can scale, with high levels of automation.


• Experience deploying and tuning a security information and event management (SIEM) platform


• Knowledge of tactics, techniques and procedures leveraged by attackers and adversaries (e.g., MITRE ATT&CK)


• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one


• You have strong communication skills and can convey complex technical topics to non-technical stakeholders clearly and concisely.

Benefits:

• We’re a remote-first company 


• Health insurance plans through Cigna (medical and dental) and MetLife (vision), including FSA & HSA plans


• 401k plan (Roth and traditional)


• Free Alma platform access 


• Monthly therapy and wellness stipends


• Monthly co-working space membership stipend


• Monthly work-from-home stipend to power your wifi, lunches, coffee, etc 


• Pet discount program through United Pet Care 


• Financial perks and rewards through BenefitHub


• Free EAP access through LifeWorks 


• One-time home office stipend to set up your home office


• Comprehensive parental leave plans 


• 9 paid holidays, 1 Alma Mental Health Day, and 1 Alma Volunteering Day


• Unlimited PTO

Salary Band: $160,000 - $200,000

Alma’s compensation philosophy is driven by our company value of building equity. To best ensure pay equity, we typically bring in new hires near the middle of our listed salary bands and we do not negotiate our compensation (i.e. all people hired at the same level & role are brought in at the same salary, equity, and benefits). The recruiter you work with can provide more details on our philosophy. 

All Alma jobs are listed on our careers page. We do not use outside applications or automated text messaging in our recruiting process. We will not ask for any sensitive financial or identification information throughout the recruiting process. Any communication during the recruitment process, including interview requests or job offers, will come directly from a recruiting team member with a helloalma.com email address.