Principal Information Security Analyst

Gen Digital
2 days ago
Full-time
On-site
Tempe, Arizona, United States
Cybersecurity

Are you a senior SOC professional with strong detection engineering experience?

We are looking for a security specialist who sees the SOC not just as alert handling, but also as an engineering function in close cooperation with our Security Engineering team. This position focuses on building and continuously improving detection capabilities across multiple security platforms. You will go beyond alert monitoring by driving automation initiatives, taking ownership of detection quality, and shaping how our global SOC identifies and responds to threats.

As a global team, we operate in a follow-the-sun model, providing 24/7 coverage through regional teams working during their business hours and sharing on-call responsibilities on weekends.

Key Responsibilities

  • Independently design and implement detection use cases across multiple security platforms (SIEM, WAF, EDR, DLP, email, cloud, network, and threat intelligence tools)
  • Lead cross-team detection improvement initiatives to optimize detection logic, reduce false positives, and enhance alert fidelity
  • Map detections to MITRE ATT&CK tactics and techniques and identify coverage gaps
  • Drive automation, enrichment, and AI-assisted workflows to reduce manual effort and support faster, more informed security decision-making
  • Perform deep multi-source correlation and root cause analysis across enterprise-scale telemetry
  • Support complex incident investigations and provide technical expertise during escalations
  • Mentor junior analysts in advanced analysis, detection engineering, and investigative techniques
  • Contribute to the continuous improvement of SOC monitoring maturity, visibility, and operational efficiency

Qualifications and Work Experience

  • 5+ years of hands-on experience in security operations with strong focus on detection engineering in a complex enterprise environment
  • Proven experience independently designing and tuning detection use cases across multiple security platforms, including SIEM (Splunk preferred)
  • Strong practical experience with multi-source log analysis across SIEM, WAF, EDR, DLP, email, cloud, network, and threat intelligence
  • Understanding of cloud security concepts and experience monitoring cloud environments in major providers (AWS, Azure, GCP)
  • Practical understanding of MITRE ATT&CK and the ability to align detections to attacker tactics and techniques
  • Experience leading detection, monitoring, or automation improvement initiatives involving multiple security and technology teams
  • Experience operating in regulated environments (e.g., fintech or financial services) is preferred

Gen is proud to be an equal-opportunity employer, committed to diversity and inclusivity. We base employment decisions on merit, experience, and business needs, without considering race, color, national origin, age, religion, sex, pregnancy, genetic information, disability, medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or other unlawful factors. Gen prohibits discrimination based on these protected characteristics and recruits talented candidates from diverse backgrounds.

We consider individuals with arrest and conviction records and do not discriminate against employees for discussing their own pay or that of other employees or applicants.

To conform to U.S. export control regulations, applicants should be eligible for any required authorizations from the U.S. Government.