Logo for OpenLoop

Senior Staff Security Operations Analyst

Role overview

Qualifications

  • 10–12 years of progressive experience in security operations
  • Demonstrated ownership of major security incidents end-to-end
  • Working knowledge of cloud security, endpoint detection and response, SIEM platforms
  • Clear written and verbal communication

Responsibilities

  • Use AI tools for security operations as a force multiplier
  • Develop and execute hypothesis-driven threat hunting
  • Drive the vulnerability lifecycle, including discovery and remediation tracking
  • Assist with incident response and digital forensics

About the company

OpenLoop logo

OpenLoop

OpenLoop is a health tech leader delivering full-stack, white-labeled clinical support to companies scaling virtual care services across the nation. Founded with the vision to bring healing anywhere, OpenLoop’s solutions are thoughtfully designed to simplify telehealth delivery across an expansive array of specialties, in all 50 states. #HealingAnywhere #OpenLoopNetwork

Company details

Company size51 - 200

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

About OpenLoop

OpenLoop was co-founded by CEO, Dr. Jon Lensing, and COO, Christian Williams, with the vision to bring care anywhere. Our telehealth support solutions are thoughtfully designed to streamline and simplify go-to-market care delivery for companies offering meaningful virtual support to patients across an expansive array of specialties, in all 50 states.

About the Role

 We're hiring a Senior Staff SecOps Analyst to anchor our security operations function. This is a hands-on senior individual contributor role - you'll own the deepest, most complex security work across the company and set the technical bar for how we detect, investigate, and respond to threats.

You'll lead analysis end-to-end, drive maturity across the full SecOps lifecycle, and mentor analysts at every level. You won't manage people directly, but you'll be the person the team turns to help get anything and everything accomplished - and the person who builds the systems so fewer things catch fire in the first place.

You'll also be expected to operate as an AI-forward security practitioner. We treat AI as a force multiplier across the discipline, and we want someone who already does too.

What You'll Do

  •  AI-assisted security operations. Use AI tools (Claude, copilots, and emerging agentic platforms) as a force multiplier across every part of the job - accelerating triage and investigation, drafting and refining detections, summarizing alerts and incidents, automating repetitive analyst work, and improving the metrics that matter (MTTD, MTTR, dwell time, analyst throughput). Set the bar for how the security team uses AI responsibly in a PHI environment.

  • Threat hunting. Develop and execute hypothesis-driven hunts across endpoints, cloud workloads, identity, and SaaS. Translate hunt findings into durable detections. Utilize AI and automation to turn Threat Hunting into a powerful, proactive tool.

  • Vulnerability management. Drive the vulnerability lifecycle - discovery, prioritization (risk-based, not just CVSS), remediation tracking, and reporting. Partner with engineering to close real risk fast.

  • Attack surface management. Maintain visibility into our external and internal attack surface across cloud, SaaS, third parties, and acquired entities. Find exposure before someone else does.

  • Incident response and digital forensics. Assist, however necessary, the Lead Incident Responder with investigations and security incidents from triage through containment, eradication, recovery, and post-incident review. Perform host, network, cloud, and memory forensics. Assist with IR playbooks and the evidence chain.

  • Fraud assessment. Drive deep analysis on the source of digital fraud. From payment card to cyber-initiated fraud, understand the how and why on the digital fraud frontier.

  • Cross-functional partnership. Work directly with Engineering, IT, Operations, and Compliance. Translate security findings into clear asks with concrete next steps. Attack problems, not people.

  • Healthcare-specific risk. Apply controls that fit a HIPAA-regulated, PHI-handling environment. Help us move at purposeful speed without breaking what matters.

Who You Are

  • 10–12 years of progressive experience in security operations, with deep hands-on work across all of: digital forensics, incident response, vulnerability management, attack surface management, threat hunting, and security analytics.

  • Demonstrated ownership of major security incidents end-to-end - you've been the technical lead, not just on the bridge.

  • Working knowledge of cloud security, endpoint detection and response, SIEM platforms, identity providers, and modern attacker tradecraft (MITRE ATT&CK fluency expected).

  • Detection engineering experience — you've written, tuned, and retired detections, and you can defend your choices with data.

  • Scripting and automation proficiency (Python, PowerShell, or similar) — enough to build what you need rather than wait for it.

  • Demonstrated, hands-on use of AI tools (Claude, ChatGPT, GitHub Copilot, or equivalent) as part of day-to-day security work — not just experimentation. You can point to specific examples of how AI changed your throughput, your detection quality, or your time-to-resolution.

  • Clear point of view on AI safety and data handling — especially what's appropriate to send to which tools when PHI, credentials, or sensitive telemetry are involved.

  • Clear written and verbal communication. You can brief an engineer, a clinician, and an executive on the same incident and have all three walk away with what they need.

Strongly preferred

  • Experience in a healthcare, fintech, or other regulated environment with sensitive data handling requirements.

  • Working familiarity with HIPAA, HITRUST, or SOC 2 from the operator side — not just the audit side.

  • Industry certifications such as GCFA, GCIH, GNFA, GCTI, OSCP, or equivalent demonstrated expertise.

  • Experience supporting M&A security integration or multi-entity environments (we operate across several subsidiaries).

  • Experience building AI-assisted workflows or automations for security operations (custom prompts, agentic workflows, integrations with SIEM/EDR/ticketing).

  • Familiarity with prompt engineering, retrieval-augmented patterns, or building internal tooling on top of LLM APIs.

 

Our Benefits

In addition, for salaried positions you would also be eligible for:

  • Medical, Dental, and Vision plans

  • Flexible Spending/Health Savings Accounts

  • Flexible PTO

  • 401(k) + Company Match

  • Life Insurance, Pet insurance, and more

Our Company

We have a relatively flat organizational structure here at OpenLoop. Everyone is encouraged to bring ideas to the table and make things happen. This fits in well with our core values of Autonomy, Competence and Belonging, as we want everyone to feel empowered and supported to do their best work.

Sound like a good fit? We’d love to meet you.

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Security Operations Center (SOC) Analyst Related jobs

Other jobs at OpenLoop

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.