Senior Security Analyst


Full Time Senior-level / Expert
Tanium Inc. logo
Tanium Inc.
Apply now Apply later

The Basics:

The Senior Security Analyst will drive continuous improvement across all aspects of Tanium’s Security Operations program, provide subject matter expertise on investigations, and lead incident response efforts. Additionally, this role will provide candidates with an opportunity to help grow and scale a security operations program with responsibilities across on-premises and cloud corporate environments. Candidates will work with a team to enhance strategies, implement detective and preventive mechanisms, develop standard operating procedures, and automate repeatable tasks. Candidates will respond to and be an escalation point for security related events and alerts and perform remediation

What you'll do:

  • Act as an escalation point and subject matter expert for Security Operations personnel
  • Lead incident response, containment, and remediation for confirmed security incident
  • Perform event and incident triage (e.g., malware triage, network analysis, live response, etc.
  • Provide recommendations and perform remediation of security incidents and events
  • Collaborate on design, architecture, and threat models to incorporate detection and monitoring requirements
  • Collaborate with security engineering on the implementation and deployment of tools
  • Drive continuous improvement across all aspects of Security Operations
  • Drive strategic improvements of detection and response strategies
  • Be hands on in enhancing detection and prevention controls (e.g., logic updates, exclusions, etc.)
  • Develop playbooks to improve the efficiency of operation processes
  • Develop and maintain security operations processes & documentation (e.g., runbooks, operating procedures, etc.)
  • Perform threat hunts and translate results actionable detection and repeatable processes

We’re looking for someone with:

  • Education
    • Bachelor's Degree in Computer Science, IT or other relevant degree or equivalent work experience
  • Experience
    • 6+ years working in a Security Operations and Incident Response
    • 2+ years working in security roles for cloud products and SaaS services
    • Expertise in incident response methodologies and approaches
    • Experience in incident response and forensics for cloud and on-premises environments
    • Deep knowledge of cloud architecture, cloud security, and cloud services
    • Experience in Threat modeling, including developing countermeasures, of SaaS applications
    • Familiarity with implementation of multi-tenant cloud environments
    • Experience administering and responding to events on Linux, MacOS, and Windows operating systems
    • Proficiency with common security tools and platforms (e.g., SIEMs, vulnerability scanners, and malware analyzers)
    • Proficiency with IDS/IPS systems and endpoint Antivirus and EDR product
    • Work with different operating systems and cloud hosting providers (e.g., AWS, GCP, Azure, OCI)
    • Maintain working knowledge of attacker tactics, techniques, and procedures (TTPs)
    • Deep understanding of attacker tactics, techniques, and procedure
    • Experience with analyzing security event logs, and detecting and responding to security events
    • Experience with automation platforms and automation of repetitive tasks

About Tanium:

Tanium offers an endpoint management and security platform built for the world’s most demanding IT environments. Many of the world’s largest and most sophisticated organizations —  including nearly half of the Fortune 100, top retailers and financial institutions, and multiple branches of the U.S. Armed Forces — rely on Tanium to make confident decisions, operate efficiently, and remain resilient against disruption. Tanium has been named to the Forbes Cloud 100 list of “Top 100 Private Companies in Cloud Computing” for five consecutive years and ranks 4th on FORTUNE’s list of the “Best Workplaces in Technology 2020.” 

On a mission. Together. 

At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.   

We are an organization with stakeholders around the world and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that only together can we do great things. 

Taking care of our team members 

Each of our team members has 5 days set aside as volunteer time off (VTO) to contribute to the communities they live in and give back to the causes they care about most. 

Job perks/benefits: Team events
Job region(s): Remote/Anywhere North America
Job stats:  22  2  0
  • Share this job via
  • or

Explore more Information Security career opportunities