IT Security Operations Analyst

Security Operations Analyst

This role serves as the internal bridge between the business and its managed security partners, owning day-to-day security operations across Arctic Wolf (SOC-as-a-Service), Huntress, Sentinel One endpoint platforms.

The Security Operations Analyst is responsible for ensuring the effectiveness, coverage, and continuous improvement of endpoint protection, detection, and response capabilities. This individual plays a critical role in triaging security events, reducing alert noise, and coordinating timely response actions across internal stakeholders and external partners.

• Serve as the primarily liaison to Arctic Wolf, managing escalations, turning alert fidelity, and ensuring SLA adherence.
• Administer and optimize Huntress and Sentinel One deployments – including agent health, coverage gaps, policy configurations, and exclusion management.
• Triage and response to incidents surfaced by the third-party SOC, coordinating containment and remediation with internal stakeholders.
• Refine detection rules, dashboards and reporting to reduce noise and surface high-signal alerts.
• Review and action Arctic Wolf tickets and Huntress/Sentinel One findings daily.
• Maintain endpoint scanner coverage across the environment, tracking and resolving unmanaged or unhealthy agents.
• Partner with IT and business teams to ensure security tooling does not disrupt operations.
• Document incidents, response actions, and lessons learned.

• Gain exposure to secure AWS architectures, including governance guardrails and scalable security patterns.
• Support secure standards for cloud modernization, application migrations, and cloud-native development.
• Participate in security reviews and continuous posture improvement efforts.

• Support enterprise security policies, stands, and control frameworks aligned to NIST and CIS benchmarks.
• Assist with control assessments, evidence collection, and audit readiness activities.
• Partner in remediation tracking and risk communication efforts.

• Assist in maintaining Microsoft 365 and Entra security baselines, including MFA and Conditional Access.
• Support identity governance and least privilege enforcement.
• Gain exposure to identity integrations and access control models.

• Manage security for enterprise data platforms and SaaS integrations.
• Assist in monitoring and protection of data access and usage patterns.

• Partner with technology and business teams to support secure operations.
• Communicate security issues in clear, business-relevant terms.
• Contribute to documentation, reporting, and continuous improvement efforts.

Education and Experience

• 2-4 years of experience in Information Security, Security Operations, or IT Security
• Direct experience with EDR platforms (Sentinel One and/or Huntress preferred)
• Experience working with or alongside managed SOC/MDR providers
• Strong ability to triage and prioritize security alerts

Technical & Professional Expertise

• Familiarity with endpoint security tools and alert management workflows
• Understanding of incident response fundamentals
• Ability to translate technical security issues to non-technical stakeholders
• Strong organizational and critical thinking skills

Preferred Experience

• Working knowledge of Arctic Wolf, Microsoft 365, Entra, or similar platforms
• Exposure to AWS environments and cloud security concepts
• Familiarity with security frameworks (NIST, CIS)
• Experience in environments with third-party SOC or MDR providers

Key Competencies

• Strong attention to detail and operational ownership
• Analytical mindset with sound judgment
• Ability to manage multiple priorities
• Collaborative and team orientated
• Clear written and verbal communication