Remote Senior Threat Operations Analyst

Summary

Join the Kaseya growth rocket ship and see how we are #ChangingLives ! As a Senior Threat Operation Analyst at Kaseya, you will play a crucial role in safeguarding our global IT management platform and infrastructure from emerging cyber threats.

Requirements

• Bachelor’s degree in Information Security, Computer Science, or a related field (Master’s degree preferred)
• 7+ years of experience in cybersecurity, with at least 3+ years in a leadership role in threat operations or incident response
• Deep understanding of network and endpoint security technologies, such as firewalls, IDS/IPS, SIEM, EDR, and vulnerability management tools
• Proven experience in handling advanced persistent threats (APTs), malware analysis, and forensic investigations
• In-depth knowledge of various attack vectors, including phishing, DDoS, ransomware, and supply chain attacks
• Strong experience in scripting and automation (Python, PowerShell, or similar) for security operations
• Relevant industry certifications (CISSP, CEH, GIAC, CISM, or equivalent) are highly desirable
• Excellent communication and leadership skills, with the ability to work well in a fast-paced, collaborative environment

Responsibilities

• Lead the security operations team in monitoring, detecting, and responding to potential threats in real-time using SIEM (Security Information and Event Management) systems and other security tools
• Conduct regular threat hunting activities to proactively identify suspicious behaviors and vulnerabilities within Kaseya’s environment
• Manage and lead the response to cybersecurity incidents, ensuring that appropriate actions are taken to contain and mitigate threats
• Develop and refine incident response playbooks, ensuring that responses are consistent, efficient, and meet compliance requirements
• Collaborate with cross-functional teams, such as IT, engineering, and compliance, during critical security incidents
• Analyze and interpret threat intelligence data from internal and external sources to identify new or emerging threats and vulnerabilities that could impact the organization or its clients
• Stay informed about the latest industry trends, vulnerabilities, and cyber-attacks, and translate that information into actionable defensive strategies
• Lead, mentor, and develop junior threat analysts and security personnel, fostering a culture of continuous improvement and security excellence
• Collaborate with senior management to ensure alignment between threat operations and the broader organizational security strategy
• Provide recommendations on improving security posture, architecture, and policies based on threat intelligence and incident findings
• Oversee the implementation, tuning, and maintenance of security tools, such as firewalls, IDS/IPS, endpoint detection & response (EDR) platforms, and SIEM systems
• Identify opportunities for automation of threat detection and response processes to increase efficiency and reduce manual workload
• Assist in the identification and assessment of vulnerabilities across Kaseya’s infrastructure and provide recommendations for remediation
• Perform regular security assessments, audits, and penetration tests to evaluate security controls and uncover potential risks
• Ensure compliance with relevant cybersecurity frameworks, such as NIST, ISO 27001, and GDPR, when handling threat operations and incident management
• Prepare detailed post-incident reports and present findings to key stakeholders, including executives and clients
• Work closely with third-party vendors, service providers, and customers to address security concerns, share threat intelligence, and respond to incidents affecting customers
• Regularly report on security metrics, including incident trends, threat landscape updates, and operational effectiveness, to senior management

Preferred Qualifications

• Experience with cloud security in platforms such as AWS, Azure, or Google Cloud
• Experience in managing SOC (Security Operations Center) teams
• Familiarity with frameworks such as MITRE ATT&CK, OWASP Top 10, and the Cyber Kill Chain
• Knowledge of regulatory compliance requirements (e.g., PCI-DSS, HIPAA, GDPR)