Senior Security Analyst
Role summary
The Senior Security Analyst is responsible for monitoring, investigating, and responding to cybersecurity threats within the enterprise environment. This role involves leading complex security investigations, conducting proactive threat hunting, and enhancing detection capabilities across endpoint, identity, and data security platforms. The analyst will utilize technologies such as CrowdStrike Falcon, Cyberhaven DDR, and the Microsoft security ecosystem to safeguard organizational systems and sensitive data. Key responsibilities include analyzing security alerts, investigating incidents like malware infections and account compromises, and developing improved detection logic. The position also requires mentoring junior analysts and serving as an escalation point for complex issues.
Position Summary
The Senior Security Analyst is responsible for monitoring, investigating, and responding to cybersecurity threats across the enterprise environment. This role leads complex security investigations, performs proactive threat hunting, and helps improve detection capabilities across endpoint, identity, and data security platforms. The position leverages technologies including CrowdStrike Falcon, Cyberhaven Data Detection and Response (DDR), and the Microsoft security ecosystem to protect organizational systems and sensitive data.
Key Responsibilities
- Monitor and investigate security alerts using CrowdStrike Falcon, Cyberhaven, and Microsoft security tools.
- Lead investigations of security incidents, including malware infections, account compromise, and potential data exfiltration.
- Conduct proactive threat hunting across endpoints, identities, and data activity.
- Utilize Microsoft Defender for Endpoint, Defender for Identity, Microsoft 365 Defender, Azure AD / Entra ID, and Microsoft Sentinel for security monitoring and analysis.
- Investigate endpoint telemetry and suspicious behavior through CrowdStrike Falcon EDR/XDR.
- Monitor and analyze sensitive data movement using Cyberhaven DDR.
- Develop detection logic, improve alert tuning, and assist in strengthening SOC processes.
- Mentor junior analysts and serve as an escalation point for complex investigations.
Required Qualifications
- 5+ years of experience in cybersecurity operations, incident response, or threat detection.
- Hands-on experience with CrowdStrike Falcon EDR/XDR.
- Experience with Cyberhaven Data Detection and Response (DDR) or similar data security platforms.
- Experience working with Microsoft security technologies, including:
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Microsoft 365 Defender
- Azure AD / Entra ID
- Microsoft Sentinel
- Strong understanding of:
- Incident response and threat investigation
- Endpoint detection and response (EDR)
- Threat hunting methodologies
- MITRE ATT&CK framework
Preferred Qualifications
- Experience with PowerShell, KQL, or Python.
- Experience investigating ransomware, insider threats, or advanced persistent threats (APT).
- Relevant certifications such as GCIH, GCIA, CISSP, Security+, or CrowdStrike Falcon certifications.
Similar roles
- Security AnalystDecryption Digest ® · United States · Remote
- Security AnalystMjolnir Security · Toronto, Ontario, Canada · Hybrid
Security AnalystExperis Canada · Canada · Remote
Security AnalystCanada's Wonderland · Ontario, Canada · Onsite- Security AnalystCanada's Wonderland · Ontario, Canada · Onsite
