Details
  • Location: Boston MA
  • Type: Perm
  • Job #24276

Company Overview:
A leading global investment firm with approximately $500 billion in assets under management is seeking a Senior Security Analyst to join their Threat Detection & Response team. This role will serve as the U.S. Regional Lead for complex cyber incidents.

Job Responsibilities:

  • Act as escalation lead for high-priority incidents across the U.S. region, owning response strategy, containment, and communication.
  • Perform advanced incident investigations using a wide range of telemetry – SIEM, EDR, NDR, and cloud logs.
  • Directly coordinate with internal CIRT, business units, and MSSP for incident resolution, impact mitigation, and post-incident reviews.
  • Provide situational updates and executive-ready briefings to senior leaders during and after critical events.
  • Mentor Tier 1 and Tier 2 analysts, providing coaching, quality assurance, and escalation guidance.
  • Participate in readiness exercises and develop incident response playbooks and tabletop simulations for Tier 3 scenarios.
  • Lead and contribute to threat hunting efforts across the enterprise – focused on uncovering stealthy or novel attacker behaviors.
  • Validate and tune detections based on incident findings; contribute to detection engineering initiatives.
  • Perform detection validation testing and design and execute adversary emulation scenarios mapped to MITRE ATT&CK.
  • Develop and implement modern SOAR workflows to automate triage and response for suitable alerting use cases.
  • Drive cross-team initiatives that enhance detection coverage, improve operational efficiency, and embed threat-informed defense into day-to-day practices.
  • Contribute to the development and operationalization of detection-as-code methodologies and other engineering-driven approaches to scalable detection lifecycle management.
  • Help define and track operational metrics such as MTTR, MTTC, detection gaps, and hunting efficacy.

Qualifications:

  • 5+ years in Security Operations, Incident Response, or Blue Team leadership roles within modern enterprise environments.
  • Proven experience leading high-severity incident response, including business impact engagement and executive communication.
  • Modern incident response experience across hybrid environments, including traditional on-prem infrastructure and cloud-native ecosystems.
  • Strong experience with modern detection technologies (EDR, SIEM, log correlation) and a deep understanding of attack kill chains, lateral movement, and behavioral threat detection.
  • Experience working within or alongside DevOps/DevSecOps teams to support secure CI/CD.
  • Solid understanding of MITRE ATT&CK and experience aligning detection or threat hunting efforts to it.
  • Experience with purple teaming, detection validation, or adversary simulation platforms.
  • Experience designing or supporting automated response workflows using SOAR tools.
  • Familiarity with detection-as-code approaches, including managing detection logic in structured formats, version control integration, and lifecycle management of detection content.

Compensation:
Salary: $130,000 – $150,000
