Senior Information Security Analyst
Listed on 2026-02-16
IT/Tech
Cybersecurity, Security Manager
Overview
Senior Information Security Analyst (Project Management)
With constant innovation, cutting-edge technology, and fast-paced development, we're looking for talented professionals to join our Information Technology team to help us continue delivering an unparalleled customer experience. The Security Operations team protects the foundation that makes Stuller’s promises possible. We partner with teams across the organization to build security in from the start, hunt threats before they interrupt operations, and empower everyone to play a role in keeping Stuller secure.
We maintain continuous monitoring of systems through our partnership with managed detection and response providers, while our analysts and engineers investigate incidents, make rapid decisions on response actions, and maintain the security capabilities that protect customer data and support our PCI-DSS compliance. We work collaboratively, share knowledge continuously, and follow frameworks like NIST CSF to strengthen our defenses while enabling the business to move fast.
As a Senior Information Security Analyst, you'll conduct advanced threat detection and incident response that protects the foundation of Stuller operations. Working within our Security Operations Center, you'll investigate complex security events, proactively hunt threats across our infrastructure, and provide technical mentorship to analysts developing their skills. This senior-level role requires deep SOC expertise and the ability to execute sophisticated investigations under pressure.
You'll make rapid decisions during incidents, contribute specialized knowledge to strengthen our defenses, and ensure our security tools align with NIST CSF and PCI-DSS requirements. You'll influence security strategy and help develop the next generation of security professionals as you grow toward leadership opportunities within the team. Your work enables Stuller's teams to serve customers with confidence, knowing security won't slow them down or let them down.
- Security Monitoring, Detection & Incident Response: Serve as the technical authority validating recommendations from MDR and IR providers. Analyze security events across EDR/XDR platforms, network devices, and cloud services to distinguish true threats from false positives. Approve containment actions, make rapid decisions during incidents, and coordinate with stakeholders. Provide feedback to improve detection quality and document incident details for compliance.
- Threat Hunting & Proactive Defense: Use threat intelligence, automation, and continuous monitoring to proactively hunt threats. Leverage security tools for detection and investigation, streamline response workflows, and analyze vulnerability scans. Support penetration testing, translate threat advisories into IT initiatives, and oversee implementation of security engineering changes such as rule updates, identity controls, network segmentation, and logging improvements.
- Governance, Compliance & Continuous Improvement: Maintain and update incident response runbooks, security policies, and procedures to align with best practices and regulatory requirements (NIST CSF, PCI-DSS). Support audits by providing evidence of security controls and documentation. Monitor security tool health, escalate issues, and assist with configuration and integration.
- Metrics, Reporting & Strategic Insight: Analyze incident data and trends to identify attack patterns and areas for improvement. Prepare technical reports and metrics for leadership, highlighting investigation findings and SOC performance. Use insights to recommend enhancements to detection and response capabilities and contribute to regular security posture reporting.
- Collaboration, Mentorship & Knowledge Sharing: Guide junior analysts in complex investigations and analysis techniques. Share expertise on security tools and methodologies through mentorship and documentation. Help develop incident response playbooks and SOC best practices, and participate in tabletop exercises and incident response drills to maintain readiness.
- Education & Experience: Bachelor's in Computer Science, Cybersecurity, Information Systems, or related field; or equivalent with 7+ years relevant experience. Minimum 5 years in information security, including 3-4 years in a SOC or security analyst role.
- SOC Operations & Incident Response Expertise: Experience in SOC environments handling security monitoring, alert triage, and incident investigations. Skilled in the incident response lifecycle and using MITRE ATT&CK for threat classification.
- Security Monitoring & SIEM Experience: Proficient with SIEM platforms (Splunk, Microsoft Sentinel, IBM QRadar, or similar), creating search queries, and analyzing alerts from EDR/XDR, network, and cloud security tools.
- Threat Detection & Analysis: Ability to identify attack patterns (phishing, malware, unauthorized access, data exfiltration, insider threats) and correlate data from network…