Citizens

Sr Cyber Defense Ops Spec

Posted 12 Hours Ago
In-Office or Remote
2 Locations
Senior level
Investigate and respond to escalated security incidents, perform threat hunting and root cause analysis, tune detection rules in SIEM, mentor Level 1 analysts, collaborate on incident response, and improve detection and response playbooks across the enterprise.
The summary above was generated by AI

We are seeking a skilled and proactive Level 2 Cybersecurity Analyst to join our Cyber Defense Operations team. This role is responsible for investigating and responding to security incidents, performing advanced threat analysis, and supporting the continuous improvement of detection and response capabilities. You’ll work closely with junior analysts, threat intelligence, and incident response teams to ensure timely detection and mitigation of security threats across Citizens Bank’s enterprise environment.

Key Responsibilities

  • Investigate escalated security alerts and incidents from Level 1 analysts.
  • Perform root cause analysis and impact assessments of security events.
  • Conduct threat hunting and anomaly detection across enterprise systems.
  • Collaborate with incident response teams to contain and remediate threats.
  • Correlate threat intelligence with internal telemetry to identify emerging threats and attack patterns.
  • Assist in the creation of use cases and offer recommendations for tuning detection rules in SIEM and other monitoring tools.
  • Recommend improvements to incident response playbooks and runbooks.
  • Provide mentorship and guidance to Level 1 analysts.
  • Participate in post-incident reviews and contribute to lessons learned.
  • Represent Cyber Defense in cross-functional security and risk initiatives.

Required Knowledge Areas

  • Deep understanding of network and endpoint security concepts.
  • Knowledge of threat actor tactics, techniques, and procedures (TTPs).
  • Familiarity with the MITRE ATT&CK framework and threat intelligence platforms.
  • Knowledge of regulatory and compliance frameworks (e.g., NIST, ISO, PCI-DSS).

Required Skills

  • Proficient in log analysis, packet capture review, and malware analysis.
  • Strong analytical and problem-solving skills.
  • Experience with scripting or automation (Python, PowerShell, Bash).
  • Effective oral and written communication skills for both technical and non-technical audiences.
  • Ability to work independently and collaboratively in a high-pressure environment.

Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, or a related field, or equivalent experience.
  • 2–5 years of experience in cybersecurity operations or incident response.
  • Security certifications such as CySA+, GCIH, GCIA, CEH, or equivalent preferred.
  • Experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar) and EDR tools (e.g., CrowdStrike, Microsoft Defender).
  • Willingness to participate in a rotating on-call schedule or extended hours during critical incidents.

Preferred Experience

  • Hands-on experience with:
      • SIEM Tools: Splunk, ArcSight, Sentinel, QRadar
      • EDR/XDR: CrowdStrike, Microsoft Defender, SentinelOne
      • Network Security: Palo Alto, Cisco, Check Point, FirePower
      • Data Protection: Symantec DLP, Triton, Guardium
      • Threat Intelligence & SOAR Platforms
      • Cloud Security Monitoring: AWS, Azure, or GCP environments

Hours and Work Schedule

  • Hours per Week: 7am - 5pm
  • Work Schedule: Monday - Thursday 

Top Skills

Python, PowerShell, Bash, Splunk, Sentinel, QRadar, ArcSight, CrowdStrike, Microsoft Defender, SentinelOne, Palo Alto, Cisco, Check Point, FirePower, Symantec DLP, Triton, Guardium, MITRE ATT&CK, SIEM, EDR, XDR, SOAR, AWS, Azure, GCP
