Senior Security Operations Analyst

Who We Are

In today’s work environment, employees use a myriad of devices to access IT applications and data over multiple networks to stay productive, wherever and however they work. Ivanti elevates and secures Everywhere Work so that people and organizations can thrive.

While our headquarters is in the U.S., half of our employees and customers are outside the country. We have 36 offices in 23 nations, with significant offices in London, Frankfurt, Paris, Sydney, Shanghai, Singapore, and other major cities around the world.

Ivanti’s mission is to be a global technology leader enabling organizations to elevate Everywhere Work, automating tasks that discover, manage, secure, and service all their IT assets. Through diverse and inclusive hiring, decision-making, and commitment to our employees and partners, we will continue to build and deliver world-class solutions for our customers.

Our Culture - Everywhere Work Centred Around You

At Ivanti, our success begins with our people. This is why we embrace Everywhere Work across the globe, where Ivantians and our customers are thriving. We believe in a healthy work-life blend and act on it by fostering a culture where all perspectives are heard, respected, and valued. Through Ivanti’s Centred Around You approach, our employees benefit from programs focused on their professional development and career growth.

We align through our core values by locking arms in collaboration, being champions for our customers, focusing on the outcomes that matter most and fighting the good fight against cyber-attacks . Are you ready to join us on the journey to elevate Everywhere Work?

Why We Need you!

As part of the Threat Operations team, you will work with other analysts to help defend Ivanti and its resources from threats foreign and domestic, enforce safe computing standards and policies, and be part of larger incident response teams as well as support Threat Operations daily activities and functions.

The primary focus of this position in Information Security is to operate in a blue team member capacity and collaborate with internal stakeholders, IT, and product engineering teams to present a unified security posture to our customers and the world.

What You Will Be Doing

• Triage and respond to security escalations from our internal monitoring tools, users, and MSSP and implement an appropriate containment and remediation response to the threat.
• Monitor AWS, Azure, and physical environments for security incidents, assess their severity, and initiate the incident response process with particular focus on cloud-native threat detection and monitoring.
• Lead and participate in incident response teams, coordinating response efforts and ensuring timely resolution of security incidents.
• Conduct proactive threat hunting exercises to identify advanced persistent threats and emerging attack patterns across cloud and on-premises environments.
• Support the Digital Forensic & Investigations Team in high tech investigations in the form of electronic evidence, computer forensic analysis, e-mail analysis, data recovery and network assessments in support of our Legal, Talent, Confidentiality, and Insider Threat organisations.
• Perform digital forensics analysis on compromised systems, network artifacts, and cloud resources to determine scope and impact of security incidents.
• Assist in post-incident analysis and documentation to improve incident response processes.
• Develop, maintain , and optimise security playbooks and standard operating procedures for incident response and threat hunting activities.
• Perform testing and tuning of detection and response security tools, EDR, Spam, IPS/IDS, Splunk, and other security tools to enhance detection capabilities.
• Participate in hypothesis-driven threat hunting exercises using existing and alternative toolsets, with emphasis on cloud security monitoring.
• Leverage Splunk and other SIEM platforms to analyse security events, create custom dashboards, and develop detection rules.
• Perform research on emerging threats and update detection rules, threat models, and other tools.
• Evaluate new technologies and processes that enhance security capabilities.
• Collaborate with cross-functional teams to prioritise and address identified vulnerabilities and other security issues.
• Stay updated on the latest trends and developments in cloud security and related technologies.
  
  

To Be Successful in The Role, You Will Have :

• Strong understanding of cloud computing concepts and hands-on experience with major cloud platforms such as AWS and Azure, including native security services and monitoring capabilities.
• Proven experience in threat hunting methodologies and frameworks, with ability to develop and execute hunting hypotheses.
• Solid digital forensics experience including disk imaging, memory analysis, network forensics, and evidence handling procedures.
• Demonstrated experience with Splunk including search processing language (SPL), dashboard creation, alert configuration, and data onboarding.
• Experience developing and maintaining security playbooks, runbooks, and standard operating procedures for incident response.
• A familiarity with both Windows and Linux environments and you are not afraid of the command line.
• A strong knowledge of networking protocols, security technologies, and security frameworks.
• An interest in solving puzzles and problems in unconventional ways.
• Comprehensive understanding of common security vulnerabilities, threats, and attack vectors including cloud-specific threats.
• Extensive experience with security tools such as vulnerability scanners, SIEM, IDS/IPS, EDR and antivirus systems.
• Proficiency in scripting languages (e.g., Python, PowerShell) to automate security processes and analysis tasks.
• Experience with cloud security monitoring tools and services (e.g., AWS CloudTrail, Azure Sentinel, AWS GuardDuty ).
  
  

At Ivanti, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law. Ivanti believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.

If you require special assistance for the best interview experience, please contact us at [email protected] .