Senior Security Operations Analyst

The Senior Security Analyst is a senior individual contributor within the NuHarbor Managed Services Security Operations team. This role serves as the technical anchor on shift, conducting deep investigations, producing client-ready documentation, and actively raising the quality of the team's work through mentorship and technical shift ownership. Senior Security Analysts are expected to operate with minimal direction, self-assign to the most complex open problems, and deliver work that reflects NuHarbor's commitment to technical excellence and client outcomes.

.

What you'll do

• Live by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House.
• Own investigations end-to-end from initial alert through root cause analysis, attack chain reconstruction, and client-ready written narrative.
• Correlate across SIEM, EDR, and identity telemetry to identify what alerts missed, not just what they flagged.
• Self-assign to difficult, ambiguous, or high-priority work without requiring direction, including work that falls outside defined lanes.
• Support the Security Analyst team with alert triage, classification, disposition, and escalation within SLA requirements.
• Identify and communicate security gaps and mitigations in the context of client environments.
• Communicate proactively with the Security Operations Manager on active threats, escalations, and items requiring leadership visibility.
• Facilitate client-facing meetings including incident briefings, escalation reviews, and threat landscape discussions.
• Produce ticket documentation that requires no editorial cleanup, every ticket must include an evidence trail, analyst reasoning, disposition rationale, and a plain-language client summary
• Remain current on emerging threats, CVEs, and attacker techniques relevant to client environments.
• Support the onboarding of new clients onto NuHarbor Security Services and Platforms.
• Train, mentor, and support junior analysts, including structured coaching on investigation methodology, documentation standards, and client communication.
• Review escalations to clients from junior analysts prior to client delivery, ensuring investigative completeness and documentation quality.
• Develop and refine automation playbooks to reduce alert volume and improve analyst workflow.
• Contribute tuning feedback, noise identification, and alert fidelity assessments to the Detection Engineering program, in coordination with DE leadership.
• Develop recommendations and enhancements to mature a client's cybersecurity program.
• Coordinate with NuHarbor clients and internal stakeholders during and after incident response activities.

Do you have experience in Triage?, Do you have a Bachelor's degree?, * Bachelor's Degree and five (5) years of experience. Experience should be in a cybersecurity field and should include relevant industry certifications.

• In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required.

• Demonstrated experience with SOC operations, executing security event triaging and tuning.
• Demonstrated experience writing runbooks and support procedures.
• Demonstrated experience executing Monitoring and Response across multiple phases, containment, eradication, and recovery, in a SOC or MSSP environment.
• Demonstrated experience with security event triaging and threat hunting executed through both a SIEM and EDR toolset.
• Hands on experience with at least two of the following Endpoint Detection and Response (EDR) and Security Orchestration Automation and Response solutions.

• CrowdStrike
• Microsoft Defender
• Microsoft Sentinel
• Splunk Enterprise Security

• Demonstrated experience with scripting in at least one language (Python, PowerShell, or equivalent) in a manner that supports automation solutions.
• Excellent written and verbal communication skills.
• Previous experience in technical support or security-focused role.
• Willing and able to work Sunday - Thursday, 8:30am - 5:00pm.
• Must be authorized to work within the United States.

Additional capabilities that will differentiate you for this role:

• Bachelor's Degree and seven (7) or more years of experience in cybersecurity with progressive responsibility in SOC, MDR, or MSSP environment.
• Holds at least two relevant industry certifications (GCFA, GCIH, CEH, CISSP, etc.)
• Demonstrated experience communicating and presenting to executive level client stakeholders.
• Technical writing and reporting experience.
• Experience executing initial triaging and response through a SOAR platform.
• Experience with multiple operating systems (Linux, MacOS, Windows), their command lines, processes, and file systems.
• Experience with memory and storage forensics.
• Experience with static and dynamic malware analysis.
• Demonstrated ability to translate complex technical findings into clear, business-relevant narratives for non-technical audiences.
• Experience with data science techniques (clustering, anomaly detection, data normalization, etc.
• General systems administrator experience.
• Fluency with the MITRE ATT&CK framework as an active investigation and communication tool.
• Experience working in multiple cybersecurity disciplines (i.e. Penetration Testing, Threat, Information Assurance, Engineering, etc.)

Pulled from the full job description

• Paid time off, * The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market.
• An organization that recognizes and rewards employee commitment and contribution to our customers' satisfaction and success
• Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption.
• A collaborative and driven working environment in a rapidly growing company and market
• A fun and social working environment where you are encouraged to be your true self.

You can also expect competitive salary and benefits, including paid time to give back in your community and generous PTO.

The salary for this role is targeted in the 110K - 135K, based on Burlington, VT salaries. Geographical location will be taken into consideration in salary offer.

We are purpose driven. We, as an organization, above anything else protect the house first and then help our customers win. If this sounds like the kind of organization you'd like to be a part of, we'd like to hear from you.

Every day, NuHarbor Security improves the cybersecurity of our clients by making it stronger and easier to understand. Our comprehensive suite of security services, from strategic advising to 24-hour monitoring and management, provide an organizational view of security that is focused on results and recommendations that are valuable for both business and technical leaders. We're growing quickly because our clients, and the general market, are looking for these outcomes and for the data it gives them to explain, promote, and justify, their security investment and mission.