Principal Advanced Threat Response Analyst

• Lead end-to-end investigations of advanced cyber threats including APTs, ransomware, insider threats, and nation-state attacks across enterprise and cloud environments
• Drive proactive threat hunting initiatives focused on emerging attacker techniques, behavioral analytics, and detection gap identification
• Conduct incident command during major security events, coordinating response teams and communicating with executive stakeholders
• Develop, tune, and automate detection capabilities using SIEM and EDR platforms such as Splunk, Sentinel, and related tools
• Design and execute purple team exercises and adversary simulations to evaluate detection and response effectiveness
• Collaborate with red teams and offensive security engineers to analyze attacker tools, techniques, and procedures and translate insights into defensive controls
• Create incident response playbooks, containment strategies, and long-term remediation plans to improve security posture
• Contribute to threat intelligence programs by enriching internal feeds with findings from investigations and external research
• Partner with engineering and infrastructure teams to strengthen security controls across endpoint, network, and cloud environments
• Conduct tabletop exercises and readiness simulations to validate incident response capabilities and identify gaps
• Mentor junior analysts and contribute to building a high-performance threat response function

Requirements:

• 10+ years of experience in cybersecurity roles such as incident response, threat hunting, digital forensics, SOC operations, or threat intelligence
• Proven experience leading investigations of advanced persistent threats and complex multi-vector cyberattacks
• Strong knowledge of the MITRE ATT&CK framework, kill chain analysis, and adversary emulation techniques
• Hands-on experience with enterprise and cloud environments (AWS, Azure, GCP) from a defensive security perspective
• Deep expertise in SIEM platforms (Splunk, Sentinel, ELK) and EDR solutions (CrowdStrike, Defender, Carbon Black, etc.)
• Strong understanding of offensive security tools and techniques (e.g., Cobalt Strike, Mimikatz, Metasploit) to build effective detections
• Proficiency in scripting and automation using Python, PowerShell, or Bash for security operations and data analysis
• Experience designing and executing purple team exercises and incident response simulations
• Strong communication and leadership skills, including executive-level reporting and cross-functional collaboration
• Ability to operate in high-pressure environments with strong analytical and critical thinking skills
• Relevant certifications such as GCFA, GCIH, GNFA, GREM, OSCP, or equivalent are highly valued

Benefits:

• Competitive salary range aligned with U.S. market standards for senior cybersecurity roles (approx. $120,500 – $276,500 USD base, depending on location and experience)
• Performance-based incentives and potential bonus compensation
• Comprehensive health, dental, and vision insurance coverage
• Strong focus on employee wellbeing and mental health support programs
• Retirement savings plan and financial wellness resources
• Flexible remote-first work arrangement
• Career development programs and continuous learning opportunities in advanced cybersecurity domains
• Opportunity to work on large-scale, high-impact global security challenges
• Inclusive and collaborative work culture with strong emphasis on innovation and knowledge sharing
• Exposure to cutting-edge threat intelligence, detection engineering, and incident response practices