# Security Analyst

**Company:** [WHOOP](https://hotfix.jobs/companies/whoop)
**Location:** Boston, MA
**Role:** Security Engineering
**Experience:** 3+ years
**Skills:** SIEM, Edr, Mitre Att&Ck, Log Analysis, Threat Hunting, Incident Response, Security Monitoring, Automation, Scripting, AI Tools
**Posted:** 2026-06-04

> Security Analyst supporting day-to-day security operations, triaging alerts, investigating incidents across endpoint/cloud/SaaS, and managing security ticket queues. Requires 3+ years in security operations or incident response.

## Job Description

## Responsibilities
- Triage and investigate security alerts originating from internal security tooling as well as those escalated by external security monitoring partners.
- Monitor and manage the internal security operations ticket queue, ensuring alerts and investigations are prioritized, tracked, and resolved in a timely manner.
- Assist with investigation of security events across endpoint, identity, cloud, and SaaS platforms.
- Support incident response activities including investigation, containment coordination, documentation, and post-incident analysis.
- Respond to external threat intelligence and digital risk alerts related to potential brand abuse, impersonation, or exposed credentials.
- Collaborate with security engineering teams and external security partners to improve detection coverage and reduce false positives.
- Help identify gaps in logging, telemetry, or investigation workflows across security platforms.
- Assist with threat hunting and security investigations using data from SIEM and other security tools.
- Support vulnerability management workflows by assisting with triage, prioritization, and tracking of remediation activities.
- Own and manage the security operations queue while serving as a central intake point for security questions, alerts, and reports across the organization.
- Operate the organization’s phishing simulation program to reduce susceptibility to social engineering threats, including managing phishing campaigns and coordinating targeted remediation training.
- Identify opportunities to improve security operations through process improvements, automation, and responsible use of AI.
- Maintain documentation for incident response procedures, investigation workflows, and operational playbooks.
- Participate in the security team’s on-call rotation to support investigation and response activities when needed.

## Requirements
- 3+ years of experience in security operations, incident response, threat detection, or a related cybersecurity role.
- Experience investigating security alerts or suspicious activity across environments such as endpoint, identity, cloud, or SaaS systems.
- Experience triaging and managing security investigation workflows, including ticket queues or incident tracking systems.
- Familiarity with SIEM platforms, log analysis, and security monitoring tools.
- Understanding of common attacker techniques and frameworks such as MITRE ATT&CK.
- Experience working with security tools such as EDR platforms, identity systems, cloud logging platforms, or similar technologies.
- Familiarity with modern AI-enabled tools used in enterprise environments and an understanding of risks associated.
- Experience improving security operations through automation, scripting, or responsible use of AI to increase operational efficiency.
- Strong analytical and investigative skills with the ability to evaluate security events and determine potential impact.
- Ability to coordinate investigations across multiple teams and communicate findings clearly to technical and non-technical stakeholders.
- Strong written documentation skills for incident records, investigation notes, and operational procedures.

## Nice-to-Haves
- Relevant security certifications such as Security+, CySA+, SSCP, GSEC, or GCIH.

## Similar roles

- [Security Program Manager](https://hotfix.jobs/jobs/e7f7fcaf-1979-4194-9131-83689809fe47) - Forus - New York, NY
- [Safeguards Enforcement Analyst, Account Takeover & Credential Abuse](https://hotfix.jobs/jobs/31f5d0ec-9b31-4419-a4b1-2e826ec7a358) - Anthropic - San Francisco, CA - $245k – $285k/yr
- [Application Security Engineer](https://hotfix.jobs/jobs/d240253e-6098-4419-8f04-aaf793f42c03) - Zocdoc - Remote - $100k – $140k/yr
- [Detection & Mitigation Engineer](https://hotfix.jobs/jobs/61def9c4-f4a5-41a5-99c6-579a61033a73) - Cloudflare
- [Security & Compliance Operations Manager](https://hotfix.jobs/jobs/90ac6643-526f-4aeb-bb4f-d71bc1af1fcd) - Mintlify - San Francisco, CA - $120k – $180k/yr

**Apply:** https://hotfix.jobs/jobs/81d11cd0-8210-4faf-9f80-e5c096f97128
**Canonical:** https://hotfix.jobs/jobs/81d11cd0-8210-4faf-9f80-e5c096f97128