[Hiring] Cyber Threat Analyst - Detection Automation and Engineering @Phia LLC
This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.
Role Description
phia is seeking a Cyber Threat Analyst to support cybersecurity integration efforts across a large‑scale enterprise environment. This role focuses on performing triage, threat detection, incident analysis, and automation development leveraging AI/ML capabilities.
• Perform triage on all security escalations and detections to determine scope, severity, and root cause.
• Monitor cybersecurity events, detect potential incidents, and conduct detailed investigations.
• Identify, recommend, develop, and implement automation use cases leveraging AI/ML technologies.
• Support deployment, configuration, testing, and maintenance of Security Orchestration, Automation, and Response (SOAR) platforms and AI/ML‑enabled tools to strengthen detection and response.
• Provide ongoing support to the Program Manager as required.
• Communicate complex technical information clearly to non‑technical audiences.
• Influence stakeholders to comply with cybersecurity policies, standards, and best practices.
Qualifications
• Cybersecurity professional with 7+ years of experience in security operations, threat hunting, and incident response.
• Experienced analyzing alerts from Cloud, SIEM, EDR, and XDR tools—preferably SentinelOne, Armis, and Splunk.
• Skilled in configuring network devices and analyzing network traffic.
• Familiar with cybersecurity operations center (SOC) functions and enterprise security workflows.
• Experienced working with AI/ML‑based security tools and developing SOAR use cases.
• Proficient in configuring or re‑configuring tools such as SentinelOne and Splunk.
• Knowledgeable in applying frameworks such as MITRE ATT&CK and NIST to develop actionable monitoring solutions.
• Must hold at least one of the following certifications: CISSP, CISA, CISM, GIAC, RHCE.
Requirements
• BA/BS in Cybersecurity, Computer Science, Information Technology, or a related field or equivalent hands‑on experience.
• 7+ years supporting enterprise security operations, detection engineering, and incident response.
• Extensive experience with SIEM/EDR/XDR platforms, network analysis, and security automation.
Benefits
• Medical Insurance
• Dental Insurance
• Vision Insurance
• Life Insurance
• Short Term & Long Term Disability
• 401k Retirement Savings Plan with Company Match
• Paid Holidays
• Paid Time Off (PTO)
• Tuition and Professional Development Assistance
Security Clearance/Vetting
• U.S. Citizenship required
• Ability to obtain Public Trust clearance
Work Schedule
• Monday-Friday core daytime
• Remote work location
• Days off: Saturday and Sunday
• Travel: N/A
• Telework eligibility: Yes
• Security requirements: Public Trust
Apply Now
Apply Now
Role Description
phia is seeking a Cyber Threat Analyst to support cybersecurity integration efforts across a large‑scale enterprise environment. This role focuses on performing triage, threat detection, incident analysis, and automation development leveraging AI/ML capabilities.
• Perform triage on all security escalations and detections to determine scope, severity, and root cause.
• Monitor cybersecurity events, detect potential incidents, and conduct detailed investigations.
• Identify, recommend, develop, and implement automation use cases leveraging AI/ML technologies.
• Support deployment, configuration, testing, and maintenance of Security Orchestration, Automation, and Response (SOAR) platforms and AI/ML‑enabled tools to strengthen detection and response.
• Provide ongoing support to the Program Manager as required.
• Communicate complex technical information clearly to non‑technical audiences.
• Influence stakeholders to comply with cybersecurity policies, standards, and best practices.
Qualifications
• Cybersecurity professional with 7+ years of experience in security operations, threat hunting, and incident response.
• Experienced analyzing alerts from Cloud, SIEM, EDR, and XDR tools—preferably SentinelOne, Armis, and Splunk.
• Skilled in configuring network devices and analyzing network traffic.
• Familiar with cybersecurity operations center (SOC) functions and enterprise security workflows.
• Experienced working with AI/ML‑based security tools and developing SOAR use cases.
• Proficient in configuring or re‑configuring tools such as SentinelOne and Splunk.
• Knowledgeable in applying frameworks such as MITRE ATT&CK and NIST to develop actionable monitoring solutions.
• Must hold at least one of the following certifications: CISSP, CISA, CISM, GIAC, RHCE.
Requirements
• BA/BS in Cybersecurity, Computer Science, Information Technology, or a related field or equivalent hands‑on experience.
• 7+ years supporting enterprise security operations, detection engineering, and incident response.
• Extensive experience with SIEM/EDR/XDR platforms, network analysis, and security automation.
Benefits
• Medical Insurance
• Dental Insurance
• Vision Insurance
• Life Insurance
• Short Term & Long Term Disability
• 401k Retirement Savings Plan with Company Match
• Paid Holidays
• Paid Time Off (PTO)
• Tuition and Professional Development Assistance
Security Clearance/Vetting
• U.S. Citizenship required
• Ability to obtain Public Trust clearance
Work Schedule
• Monday-Friday core daytime
• Remote work location
• Days off: Saturday and Sunday
• Travel: N/A
• Telework eligibility: Yes
• Security requirements: Public Trust
Apply Now
Apply Now