About the position
Virtual Technologies Group is seeking a Senior Security Analyst to act as a primary responder and technical specialist within a staff augmentation model. In this role, you will focus on the day-to-day monitoring, investigation, and refinement of a security stack centered on AWS/Azure, Rapid7, and Proofpoint. Your goal is to move beyond basic alert monitoring to provide deep-dive forensic analysis and proactive threat hunting, ensuring that our cloud infrastructure remains resilient against emerging threats. This role requires a sharp analytical mind to evaluate complex security events and the ability to mentor junior analysts in improving incident response workflows.
Responsibilities
• Act as a primary responder and technical specialist.
• Focus on day-to-day monitoring, investigation, and refinement of a security stack centered on AWS/Azure, Rapid7, and Proofpoint.
• Provide deep-dive forensic analysis and proactive threat hunting.
• Ensure cloud infrastructure remains resilient against emerging threats.
• Evaluate complex security events.
• Mentor junior analysts in improving incident response workflows.
Requirements
• 5+ years of experience in Security Operations or Analysis.
• At least 3 years focused on investigating Cloud Security alerts (AWS or Azure).
• Proficiency in auditing cloud environments (VPC/VNet, S3/Blob access logs) and reviewing Identity & Access Management (IAM) permissions for anomalies.
• 2+ years of hands-on experience utilizing a SIEM or XDR platform (e.g., Rapid7, Splunk, or Sentinel) for event correlation and alert investigation.
• Experience interpreting vulnerability scan results, assessing their real-world exploitability, and tracking remediation progress with technical teams.
• Proven experience leading the "detect and analyze" phases of the IR lifecycle, including containment and detailed post-mortem documentation.
• Experience performing internal audits or control testing related to frameworks such as SOX or PCI-DSS.
• Ability to distill complex forensic findings into clear, concise reports for stakeholders and provide guidance to junior-level analysts.
Nice-to-haves
• Direct experience analyzing phishing and malware trends using Proofpoint (specifically TAP, TRAP, and IMD).
• Experience helping engineers refine detection logic and reducing false positives within Rapid7 InsightIDR.
• Ability to use Python or PowerShell to query logs, parse data sets, or automate common investigative steps.
• Familiarity with Microsoft Defender for Cloud and using Microsoft Purview for investigating data leakage or sensitive data exposure.
• Industry-recognized certifications such as GCIH, GCIA, CySA+, or Microsoft SC-200.
• Experience developing hypotheses for proactive threat hunts based on current IOCs and MITRE ATT&CK techniques.
• Previous experience working in a dedicated analyst capacity within a managed services or staff augmentation environment.
Benefits
• Medical insurance plans
• Dental insurance
• Vision insurance
• Health savings accounts (HSA)
• Flexible spending accounts (FSA)
• Life insurance
• Short- and long-term disability insurance
• Paid time off and holidays
• 401(k) with employer match
Apply to this job