Security Analyst III

Who we are

We are a dedicated team of security professionals focused on evolving Mindbody’s security posture. Our collective goal is to protect the future, fostering increased opportunities for wellness businesses worldwide to empower their customers in leading secure and healthy lives. Committed to a higher purpose, we continuously challenge ourselves and our organization to excel, understanding the strength derived from collaborative efforts towards a common goal. We are advocates for a diverse workplace, fostering an environment where individuals can bring their authentic selves to contribute to our shared success. At the heart of our achievements lies the belief in the value of our people. If you share our passion and vision, consider joining our team, and let's explore the remarkable feats we can achieve together! 

Your role

The Senior Security Operations Analyst will play a critical role within our organization's cyber security framework, specializing in security event analysis, detection, and response. The ideal candidate will have a strong background in security operations and a proven track record of handling complex security incidents.

The ideal candidate will demonstrate a comprehensive grasp of cyber security fundamentals, proficiency in risk and vulnerability management, and a strong understanding of security event analysis and triaging in SaaS and Cloud production environments. 

You'll likely spend time working on

• Review and analyze security alerts generated by the SIEM system, prioritizingand triagingalerts based on severity and potential impact
• Manage and optimize security operation technologies and functions such as SIEM, TIP, andincident response case management to enhance the organization's security visibility
• Evaluate security data sources and use cases for consideration in the improvement and expansion of the team’s detection capabilities
• Lead incident response efforts, including investigation, containment, eradication, and recovery from security incidents and breaches. Participating in the team’s on-call rotation for critical incident escalations
• Conduct root cause analysis and post-incident reviews
• Develop and evangelize incident response playbooks and procedures for CSIRT
• Steer the Cyber Threat Intelligence (CTI) program to continually monitor emerging security threats, trends, and technologies. Provide recommendations for improving security controls and processes to mitigate risks efficiently
• Gather and analyze cyber threat intelligence from various sources, correlate it with security events and incidents, and provide actionable insights to the security team and stakeholders
• Conduct proactive threat hunting activities to identify potential threats, develop and implement methodologies and tools, and document findings with recommended mitigation strategies
• Monitor and analyze user behavior to detect potential insider threats, investigate suspicious activities and recommend appropriate actions, and develop and implement insider threat detection and response strategies
• Provide guidance, support, and mentorship to junior team members who demonstrate a willingness to learn and take on new challenges
• Aid in the gathering of evidence for compliance audits

About the right team member

You are an experienced, self-motivated security professional who is passionate about leading and executing impactful and high-quality security initiatives. You know the best security is created through collaboration and iteration, and you are looking for the right opportunity and the right team to expand your experience. 

You'll thrive in this role with experience in

• Broad and deep knowledge of security concepts, principles, and best practices
• 5-7 years information security and/or technology experience, 3+ years in a similar cyber security analyst role
• Exceptional decision-making skills, demonstrating a track record of effectively evaluating the costs and benefits of various courses of action to find the optimal solution
• Comfortable communicating with a broad audience, including executives, clients, and cross-functional teams
• Skilled in the analysis of threat event data and recognition of tactics, techniques, and procedures (TTPs) employed by threat actors
• Experience with operating and managing SIEM (e.g., Google Chronicle, Splunk) and
• Endpoint, Detection and Response (EDR) tools
• Familiar with scripting languages for automation (e.g., Python, Bash, PowerShell)
• An understanding of applying MITRE ATT&CK or similar frameworks in enterprise environments 
• Experience with cloud security and monitoring (e.g., AWS, Azure, Google Cloud)
• Strong background in incident response and handling complex security incidents
• Experience in cyber threat intelligence gathering and analysis and threat hunting methodologies and tools
• CISSP, GIAC or comparable certifications strongly preferred