Remotery

Senior Embedded Detection Analyst

Posted 2 days ago

This is a fully remote position, open to applicants in United States.

📋 Description

• Take charge of detection performance results for 3-5 key customer accounts, ensuring the AI engine operates effectively in line with each customer's risk tolerance and priorities.

• Serve as a dependable resource for customer detection challenges, managing high-priority escalations related to false positives and false negatives, often utilizing investigation outputs from Email Security Analysts and other Threat Intel sources.

• Oversee and evaluate misclassification trends using internal detection analysis dashboards and tools.

• Conduct incident triage and alert correlation to methodically diagnose reasons for false positives or missed threats, employing IOCs and TTPs.

• Develop and execute detection tuning strategies based on customer-specific signals, attack patterns, threat intelligence, and behavioral traits, adhering to established methodologies.

• Adjust detection thresholds and configurations to enhance precision while ensuring coverage against emerging threats, balancing detection effectiveness with customer experience.

• Create and deliver impact reports that showcase quantifiable improvements in detection capabilities to both customers and internal stakeholders, in close collaboration with GTM teams.

• Maintain strong alignment with Sales and Customer Success leaders to grasp customer pain points, renewal risks, and key factors for securing deals, without assuming primary account management duties.

• Record detection issues, investigation results, and tuning strategies in a structured, reusable format to facilitate team learning and program enhancement.

• Review audit logs and scrutinize system interactions using internal and external tools, including AI-driven analytical tools, to pinpoint root causes and tuning opportunities.

• Recognize cross-customer trends and contribute tuning methodologies to the operational playbook for broader program utilization.

• Submit D360 CFN reports and AISM submissions to enhance global detection coverage based on customer insights.

• Provide input to the tooling team regarding analysis gaps, required capabilities, and automation prospects, playing a role in shaping the roadmap for detection analysis and tuning tools.

• Assist in training other team members by sharing investigative insights and developing repeatable methodologies, leveraging outputs from Email Security Analysts to amplify tuning effectiveness.

• Utilize AI tools (ChatGPT, Claude, Claude Code, etc.) within established workflows and investigations to expedite research, automate routine tasks, improve documentation, and enhance problem-solving efficiency.


⛳️ Requirements

• Over 7 years of experience in SOC operations, detection engineering, incident response, email security analysis, or a related cybersecurity role.

• Familiarity with security monitoring and detection platforms such as SIEM, EDR, email security tools, or comparable technologies (experience with Abnormal Security is a plus).

• Proficient in email attack analysis, with the ability to identify and utilize IOCs and TTPs to comprehend and address threats.

• Comprehensive understanding of precision/recall metrics (true/false negatives, true/false positives) and their business implications for security operations and customer experience.

• Demonstrated experience in triaging security alerts, conducting root cause analysis according to established procedures, and tuning detection logic to minimize false positives while maintaining coverage.

• Capability to execute standardized data analysis procedures, effectively adhering to established runbook methodologies and debugging analysis workflows as necessary.

• Proven proficiency with AI tools (ChatGPT, Claude, Claude Code, Copilot, or similar) to boost productivity, automate tasks, and expedite problem-solving in both routine workflows and ad-hoc investigations.

• Experience in technical writing that clearly communicates complex issues, with the ability to tailor communications for audiences with varying technical expertise, especially in customer-facing scenarios.

• Established ability to engage directly with customers or stakeholders on technical security matters, in collaboration with Customer Success and Sales, translating findings into business value without assuming management responsibilities.

• Proven capability to remain composed and responsive during high-pressure situations, including customer escalations and active cybersecurity incidents.

• Outcome-focused mindset that gauges success by customer impact and detection enhancement rather than completed activities.

• Strong ownership mentality with the ability to work within established processes while identifying improvement opportunities—trusted to complete tasks on schedule and to specification, with appropriate escalation when necessary.


🏝️ Benefits

• Health insurance

• Professional development opportunities

People also viewed

CACI International Inc2 hours ago

Senior Audit Analyst

US flagUnited States OnlyFull-timeAnalyst$68.4k – $143.7k/year
ApplyView job
Gainwell Technologies2 hours ago

Drug Rebate Analyst

US flagUnited States OnlyFull-timeAnalyst$35.9k – $51.3k/year
ApplyView job
Gordon Brothers2 hours ago

Machinery & Equipment Appraiser/Analyst

CA flagCanada OnlyFull-timeAnalyst
ApplyView job
Deckers Brands2 hours ago

Supply Programs Analyst – Global

US flagArizona, +4 more statesFull-timeAnalyst$66k – $89.1k/year
ApplyView job
Coupa Software2 hours ago

Compensation Analyst

US flagOhio OnlyFull-timeAnalyst$68k – $91.3k/year
ApplyView job
Northwestern Medicine2 hours ago

Application Analyst, Epic MyChart/Cadence

US flagIllinois OnlyFull-timeAnalyst$37 – $56/hour
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers