Senior Information Security Analyst

### Who you are
- The ideal candidate will have deep expertise in CrowdStrike Falcon, Microsoft Sentinel, and a strong understanding of network and operating system internals across Windows, Linux, and macOS
- Experience in cloud incident investigations (Azure, AWS, GCP) is essential
- 4–7 years of experience in a SOC or cybersecurity analyst role
- Expert-level proficiency with CrowdStrike Falcon and Microsoft Defender
- Strong understanding of MITRE ATT&CK, malware behaviors, and incident response
- Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, Elastic)
- Deep knowledge of Windows, Linux, and macOS internals
- Proficiency in scripting (Python, PowerShell) and log analysis
- Excellent written and verbal communication skills
- CrowdStrike Certified Falcon Responder (CCFR)
- CrowdStrike Certified Falcon Administrator (CCFA)
- GIAC (GCIA, GCIH), CySA+, or equivalent
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience

### What the job involves
- We are seeking a highly skilled and experienced Senior Information Security Analyst to join our Security Operations Center
- This role is pivotal in defending enterprise assets against advanced threats through proactive monitoring, threat hunting, and incident response
- You'll monitor and triage alerts from CrowdStrike Falcon and Microsoft Sentinel
- Lead investigations into endpoint and network security incidents including malware, privilege escalation, lateral movement, and data exfiltration
- Execute containment and remediation strategies for identified threats
- Conduct proactive threat hunts using CrowdStrike telemetry and threat intelligence
- Perform forensic analysis of compromised systems and malware samples
- Analyze network logs and packet captures to identify anomalies and attacker behavior
- Investigate cloud-based incidents across Azure, AWS, and GCP environments
- Assess cloud logging readiness and ensure audit trails are complete and actionable
- Collaborate with cloud operations teams to improve detection and response capabilities
- Develop and refine playbooks, runbooks, and standard operating procedures
- Tune SIEM rules and EDR policies to reduce false positives and improve alert fidelity
- Participate in red/blue team exercises and contribute to continuous SOC maturity
- Serve as an escalation point for Tier 1 and Tier 2 analysts
- Mentor junior SOC staff and contribute to team knowledge sharing
- Interface with threat intelligence, incident response, and executive stakeholders
- Protect the security and privacy of Absolute and its customers
- Other duties as assigned by management

### Benefits
- Recognition: Competitive pay, exceptional benefits, and matching programs for retirement plans
- Development: Training and career development to help you grow, personally and professionally
- Comfort: Bright, modern offices with ergonomic workspaces, and areas for team collaboration and individual focus
- Inspiration: In-office art gallery, seasonally refreshed with a vibrant selection from British Columbia artists
- Refreshments: Free refreshments, from pastries to popcorn to pizza, and a huge selection of hot and cold beverages
- Health: Onsite fitness classes to burn off calories from the free snacks and keep you mentally sharp
- Connection: Monthly social events and an annual retreat to bring the team together and celebrate our wins
- Balance: Work/life balance with flexible time off and Absolute-sponsored events for the whole family