Security Operations Analyst

The Position

We are seeking a motivated Security Operations Analyst to join our team and support the day-to-day security operations of OPSWAT. In this role, you will assist with incident response, help protect our products, internal systems, infrastructure across both on-premise and muti-cloud environments, and play a key part in strengthening our overall security posture. You will work closely with security and technology teams to investigate incidents, manage vulnerabilities, and ensure that our systems align with industry best practices and standards.

What You Will Be Doing

• Proactively monitor to real-time security alerts, perform identifying and escalating anomalies to enable swift risk mitigation.
• Perform validation, investigation, and response to cybersecurity incidents escalated from the SOC or other detection sources, ensuring proper incident documentation, root cause analysis, and reporting.
• Perform administration and operations across security-related tools including EDR, email security, vulnerability management platform, and cloud security monitoring.
• Enhance incident detection and alerting by refining monitoring and correlation processes, including tuning security rules and policies to reduce false positives and improve detection accuracy.
• Collaborate with product engineering and technology teams to ensure security policies and best practices are followed during projects, while also supporting improvements to OPSWAT-owned products.
• Stay updated on the latest threat intelligence, including advisories, updates, and industry news, to strengthen detection and response capabilities.
• Contribute to improving security best practices, processes, and playbooks, continuously strengthening OPSWAT's security defenses and controls.
• Perform other security-related tasks as assigned by the Direct Supervisor.

What We Need From You

• Bachelor's degree in computer science, Information Security, or a related field - or equivalent work experience.
• 1-3 years of experience in cybersecurity operations or a related technical role.
• Basic understanding of security frameworks and standards such as NIST CSF, MITRE ATT&CK, OWASP, or CIS Controls.
• Familiar with security tools including EDR, SIEM (e.g., ELK, Splunk), threat intelligence platforms, vulnerability management solutions, cloud security tools.
• Exposure to cloud platforms (Azure, AWS, GCP) is desirable.
• Knowledge of common cyber threats, attack methods, and indicators of compromise (IOCs).
• Strong communication skills and ability to work well with both technical and non-technical teams.
• Analytical mindset, attention to detail, and eagerness to learn in a fast-paced environment.
• Interest or progress towards information security certifications such as Security+, CySA+ is a plus.