Ivanti - Senior Security Analyst-Falcon NG SIEM experience

• Lead and execute security incident response, leveraging your deep expertise to manage and mitigate threats across Ivanti’s global footprint. • Uncover both known and unknown threats using advanced incident response techniques, threat hunting, threat intelligence, and a strong understanding of attacker TTPs. • Conduct thorough investigations involving external attacks, insider threats, and digital forensics, ensuring stakeholders stay informed with comprehensive reporting. • Analyze security logs from diverse sources (SIEM, EDR, DLP, email threat detection, and cloud platforms such as Azure, AWS, and GCP), proactively identifying and disrupting potential threats before impact. • Develop detection content, craft automation to streamline and elevate security response efficiency, and improve our overall detection and response capabilities. • Provide actionable risk mitigation strategies, recommendations, and thorough documentation to enhance Ivanti’s security posture. • Work closely with Senior Threat Analysts, the Incident Response Manager, and the Security Architecture team to coordinate, escalate, and resolve information security events. • Contribute to knowledge sharing and mentorship within the team to build collective expertise in modern cyber defense. • Bachelor’s degree in Information Systems, MIS, Computer Science, Cybersecurity, or a related technical field. • 7+ years’ experience in cybersecurity incident response, threat hunting, SOC operations, and/or digital forensics in enterprise-scale environments. • Experience in Mimecast and Falcon NG-SIEM is must. • Mastery of security tools and platforms including SIEM, EDR, DLP, email security gateways, cloud security (Azure, AWS, GCP), forensic toolsets, and network security solutions. • Expertise with Windows, Linux, and/or Mac operating systems—at the filesystem and artifact level. • Strong familiarity with the MITRE ATT&CK framework and hands-on experience in mapping real-world attacks to attacker techniques. • In-depth understanding of anomalous activity, lateral movement, living-off-the-land techniques, and common attacker tradecraft. • Excellent organizational skills, time management, and ability to thrive in dynamic, fast-paced environments. • Exceptional communication skills—able to produce clear reports and guidance for both technical and non-technical stakeholders. • Proven collaboration skills with internal and external teams to effectively research and implement countermeasures against novel and persistent threats. • Bonus points for:** Industry-recognized certifications such as SANS (GCIH, GCFA, GNFA), CompTIA (CySA+, Security+), EC-Council (CEH), or Blue Team certifications.