Senior Embedded Detection Analyst

Job not on LinkedIn

🕒 June 30

🇺🇸 United States – Remote

⏰ Full Time

🟠 Senior

🧐 Analyst

🦅 H1B Visa Sponsor

info
Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Abnormal Security

Abnormal Security

501 - 1000 employees

Abnormal provides total protection against the widest range of attacks including phishing, malware, ransomware, social engineering, executive impersonation, supply chain compromise, internal account compromise, spam, and graymail.

📋 Description

• Own detection performance outcomes for 3-5 strategic customer accounts, ensuring the AI engine maintains high efficacy aligned to each customer’s risk tolerance and priorities. • Become a reliable resource for customer detection issues, handling high-priority false positive and false negative escalations, often using investigation outputs from Email Security Analysts and other Threat Intel inputs. • Monitor and analyze misclassification patterns using internal detection analysis dashboards and tools. • Perform incident triage and alert correlation to systematically diagnose why detections produce false positives or miss threats, using IOCs and TTPs. • Design and implement detection tuning strategies based on customer-specific signals, attack patterns, threat intelligence, and behavioral characteristics, following established methodologies. • Fine-tune detection thresholds and configurations to optimize precision while maintaining coverage against emerging threats, balancing detection efficacy with customer experience. • Generate and present impact reports that demonstrate measurable improvement in detection improvement to both customers, and internal stakeholders, in close partnership with GTM teams. • Maintain close alignment with Sales and Customer Success leads to understand customer pain points, renewal risks, and what matters most for securing deals, without taking on primary account management responsibilities. • Document detection issues, investigation findings, and tuning approaches in a structured, reusable format to enable team learning and program improvement. • Review audit logs and analyze system interactions using internal and external tools, including AI-based analytical tools, to identify root causes, and tuning opportunities. • Identify cross-customer patterns and contribute tuning methodologies to the operational playbook that can be leveraged across the program. • Submit D360 CFN reports and AISM submissions to improve global detection coverage based on customer findings. • Provide feedback to tooling team on analysis gaps, needed capabilities, and opportunities for automation, helping shape the roadmap for detection analysis and tuning tools. • Support training of other team members by sharing investigation insights and developing repeatable methodologies, including leveraging outputs from Email Security Analysts to scale tuning impact. • Leverage AI tools (ChatGPT, Claude, Claude Code, etc.) in established workflows and investigations to accelerate research, automate routine tasks, enhance documentation, and improve problem-solving efficiency

🎯 Requirements

• 7+ years of experience in SOC operations, detection engineering, incident response, email security analysis, or related cybersecurity role. • Experience with security monitoring and detection platforms such as SIEM, EDR, email security tools, or similar technologies (experience with Abnormal Security is a plus). • Experience in email attack analysis, with ability to identify and leverage IOCs and TTPs to understand and remediate threats. • Deep understanding of precision/recall metrics (true/false negatives, true/false positives) and their business impact on security operations and customer experience. • Proven experience triaging security alerts, performing root cause analysis following established procedures, and tuning detection logic to reduce false positives while maintaining coverage. • Ability to perform standardized data analysis procedures, effectively following established runbook methodologies and debugging analysis workflows as needed • Demonstrated proficiency with AI tools (ChatGPT, Claude, Claude Code, Copilot, or similar) to enhance productivity, automate tasks, and accelerate problem-solving in both routine workflows and ad-hoc investigations. • Experience in technical writing that effectively communicates complex issues, with ability to adapt communications for audiences of varying technical expertise, particularly in customer-facing contexts. • Proven ability to work directly with customers or stakeholders on technical security issues, in collaboration with Customer Success and Sales, translating findings into business value without owning management. • Demonstrated ability to remain calm and responsive during high-pressure situations, including customer escalations and active cybersecurity incidents. • Outcome-oriented mindset that measures success by customer impact and detection improvement rather than activities completed. • Strong ownership mentality with ability to work within established processes while identifying improvement opportunities—trusted to complete tasks on time and to specification with appropriate escalation when needed.

🏖️ Benefits

• Health insurance • Professional development opportunities

Apply Now

Similar Jobs

🕒 June 29

CVS Health

10,000+ employees

⚕️ Healthcare Insurance

🛒 Retail

🧘 Wellness

Senior Analyst responsible for project management and data insights in healthcare operations. Leading cross-functional teams to enhance reporting and analytics for improved patient care.

🕒 June 29

CorroHealth

5001 - 10000

⚕️ Healthcare Insurance

☁️ SaaS

🤖 Artificial Intelligence

Revenue Analyst pursuing incorrectly paid medical insurance claims for clients at CorroHealth. Analyzing information and mentoring incoming team members to maximize profitability in the Revenue Cycle.

🕒 June 29

VetsEZ

201 - 500

🤝 B2B

☁️ SaaS

🏛️ Government

Healthcare Data Analyst supporting a federal healthcare interoperability program by analyzing healthcare data and delivering actionable insights. Collaborate with teams to define data requirements and validate transformations.

🕒 June 29

Planned Systems International

1001 - 5000

🔒 Cybersecurity

🏛️ Government

System Analyst supporting Veterans Affairs for software testing and evaluation. Focusing on systems engineering and business process improvements with technical expertise.

🕒 June 29

SKF Group

10,000+ employees

Vibration Analyst monitoring and analyzing mechanical vibrations of machinery at SKF. Providing maintenance recommendations and ensuring adherence to safety standards.

🇺🇸 United States – Remote

💵 $71k - $84k / year

💰 Post-IPO Debt on 2023-06

⏰ Full Time

🟡 Mid-level

🟠 Senior

🧐 Analyst