Security Operations Analyst

Company: Tbwa Chiat/Day Inc
Location: Washington
Posted on: March 24, 2025

Job Description:

Washington, District of Columbia, United StatesAnduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century's most innovative companies to the defense industry, Anduril is changing how military systems are designed, built and sold. Anduril's family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a realtime, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years.ABOUT THE JOBAnduril's Detection and Response team is looking for a Security Operations Analyst to be the watchtower for Anduril's critical defense technologies. As a SecOps analyst on the detection and response team, you'll be responsible for monitoring and responding to adversarial activity while helping incorporate key detection feedback loops with the detection engineering team. When not responding to threats, you'll be asking questions of our data sets, conducting threat hunting and data normalization operations across the organization to understand user behavior and identify anomalies.WHAT YOU'LL DO

• Triage and respond to alerts / incidents covering multiple disciplines including, but not limited to, phishing, endpoints, AWS infrastructure and services, and SaaS applications
• Build and optimize tailored detection signatures, response playbooks, and response automation using detection-as-code principles
• As the frontline of DNR, you will lead the feedback loop for detections, ensuring alerts are fine tuned to reduce false positives
• Participate in threat modeling scenarios with cross-functional partners to understand weaknesses across Cloud, Mobile, Endpoints, and other environments incorporating findings into security controls and/or detection signatures
• Organize and conduct threat hunting and data baselines to identify anomalous patterns in data
• Participate in an on-call rotation responding to security events and conducting incident response investigations while effectively communicating findings to key stakeholdersREQUIRED QUALIFICATIONS
  • Experience in security monitoring, log analysis, and detection engineering within large data sets across endpoint, network, and a wide variety of application log sources
  • Experience in Python is a must for operating in our automated SOC framework
  • Must have experience with one or more SIEM languages (SPL, KQL, SQL)
  • Broad range of practical security knowledge across the spectrum of endpoint, network, identity, application, and cloud infrastructure
  • Knowledge of attacker tactics, techniques, and procedures (TTPs) across Windows, Linux, MacOS, AWS/Azure, etc.
  • Strong communication skills and experience collaborating with internal and external stakeholders
  • Must be able to obtain and hold a U.S. Top Secret security clearancePREFERRED QUALIFICATIONS
    • Experience conducting incident response in the Cloud (AWS, Azure, GCP)
    • Digital Forensics and/or reverse engineering experience is a plus!US Salary Range: $98,000 - $147,000 USDThe salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are included in the majority of full-time offers; and are considered part of Anduril's total compensation package. Additionally, Anduril offers top-tier benefits for full-time employees, including:
      • Platinum Healthcare Benefits: For U.S. roles, we offer comprehensive medical, dental, and vision plans at little to no cost to you.
      • Basic Life/AD&D and long-term disability insurance 100% covered by Anduril, plus the option to purchase additional life insurance for you and your dependents.
      • Extremely generous company holiday calendar including a holiday hiatus in December, and highly competitive PTO plans.
      • 16 weeks of paid Caregiver & Wellness Leave to care for a family member, bond with your baby, or tend to your own medical condition.
      • Mental Health Resources: We provide free mental health resources 24/7 including therapy, life coaching, and more.
      • A professional development stipend is available to all Andurilians.
      • Daily Meals and Provisions: For many of our offices this means breakfast, lunch and fully stocked micro-kitchens.
      • Company-funded commuter benefits available based on your region.
      • 401(k) retirement savings plan - both a traditional and Roth 401(k). (US roles only)Anduril is an equal-opportunity employer committed to creating a diverse and inclusive workplace. The Anduril team is made up of incredibly talented and unique individuals, who together are disrupting industry norms by creating new paths towards the future of defense technology. All qualified applicants will be treated with respect and receive equal consideration for employment without regard to race, color, creed, religion, sex, gender identity, sexual orientation, national origin, disability, uniform service, Veteran status, age, or any other protected characteristic per federal, state, or local law.
        #J-18808-Ljbffr

Keywords: Tbwa Chiat/Day Inc, Washington DC , Security Operations Analyst, Professions , Washington, DC