Note: The job is a remote job and is open to candidates in USA. TENEX.AI is an AI-native, automation-first Managed Detection and Response provider. We are seeking a highly skilled Cybersecurity Analyst to join our Security Operations Center team, where you will monitor security alerts, investigate incidents, and leverage AI technologies to enhance threat detection and response.

Responsibilities

• Monitor security alerts and events across the enterprise network, using both traditional cybersecurity tools and AI/ML-powered threat detection systems.
• Perform triage, investigation, and correlation of security events to determine the severity and impact of potential threats.
• Leverage Google Chronicle's capabilities for threat intelligence and log analysis, enhancing visibility and providing insights into potential security incidents.
• Apply AI to identify patterns, anomalies, and behaviors indicative of potential security incidents, reducing false positives and improving detection accuracy.
• Participate in on-call rotations for critical security incidents as needed.
• Investigate and analyze security incidents and breaches, leveraging AI to automate initial analysis and enhance threat hunting efforts.
• Respond to security incidents following established procedures, including containment, eradication, and recovery actions.
• Conduct root cause analysis and forensic investigations to understand attack vectors and recommend mitigation strategies.
• Utilize Google SecOps and Chronicle’s advanced tools to centralize security data, correlate events, and accelerate incident response workflows.
• Apply machine learning algorithms to identify emerging threats and trends, providing actionable insights for incident response.
• Work with Google SecOps platform tools to streamline security operations, improve threat visibility, and automate workflows.
• Collaborate with IT, Security, and Data Science teams to integrate Google Chronicle’s capabilities into the SOC, enhancing threat detection and incident resolution.
• Optimize Google Chronicle for log management, threat hunting, and advanced analytics.
• Develop and maintain automated workflows for common security incidents, leveraging AI for intelligent decision-making and faster response times.
• Automate routine SOC tasks such as log analysis, incident classification, and threat intelligence enrichment using Google SecOps and Chronicle integrations.
• Create detailed reports on incidents and threat intelligence summaries integrating AI-driven findings and insights.
• Prepare regular performance and security posture reports for internal stakeholders, highlighting key AI-driven improvements and threat mitigation outcomes.
• Generate and present reports on threat trends, and SOC operations for internal stakeholders and customers.
• Provide recommendations for security improvements and contribute to SOC playbook development.
• Work closely with cross-functional teams (e.g., IT, Customer Success, Engineering) to promote and improve AI-driven security initiatives and improve the customers' overall security posture.

Skills

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience.
• 1+ years of experience in a Security Operations Center (SOC) or a similar security-focused role.
• Hands-on experience with security analytics, log management, threat hunting, and incident response.
• Interest in applying automation and/or artificial intelligence and machine learning techniques to cybersecurity tasks, such as threat detection, anomaly detection, and security automation.
• Strong understanding of cybersecurity concepts and frameworks (e.g., NIST, Mitre, ISO, Kill Chain).
• Experience with tools for cybersecurity, such as intrusion detection systems (IDS), SIEM tools, and security automation platforms.
• Knowledge of security technologies such as firewalls, endpoint protection, IDS/IPS, and threat intelligence platforms.
• Strong analytical and problem-solving skills.
• Excellent communication skills for interacting with internal teams and external customers.
• Ability to work under pressure in a fast-paced, dynamic environment.
• Experience with security orchestration, automation, and response (SOAR) platforms.
• Exposure to cloud security platforms (e.g., AWS, Azure, Google Cloud) and the associated risks.
• Practical experience working with Google SecOps tools and Chronicle for centralized threat intelligence and event correlation.
• Hands-on experience with the Microsoft security platform (Sentinel, Defender).

Benefits

• Competitive salary and benefits package.

Company Overview