Skip to content
OpenLoopOpenLoopNashville, TN

Senior Staff Security Analyst

Senior individual contributor anchoring security operations. Owns complex SecOps work end-to-end: threat hunting, IR/forensics, vuln management, attack surface management, and AI-assisted detection engineering in a HIPAA-regulated environment.

Salary not listed
Remote10+ YOESecurity Engineering

About the role

What You'll Do

AI-assisted security operations. Use AI tools (Claude, copilots, and emerging agentic platforms) as a force multiplier across every part of the job - accelerating triage and investigation, drafting and refining detections, summarizing alerts and incidents, automating repetitive analyst work, and improving the metrics that matter (MTTD, MTTR, dwell time, analyst throughput). Set the bar for how the security team uses AI responsibly in a PHI environment.

Threat hunting. Develop and execute hypothesis-driven hunts across endpoints, cloud workloads, identity, and SaaS. Translate hunt findings into durable detections. Utilize AI and automation to turn Threat Hunting into a powerful, proactive tool.

Vulnerability management. Drive the vulnerability lifecycle - discovery, prioritization (risk-based, not just CVSS), remediation tracking, and reporting. Partner with engineering to close real risk fast.

Attack surface management. Maintain visibility into our external and internal attack surface across cloud, SaaS, third parties, and acquired entities. Find exposure before someone else does.

Incident response and digital forensics. Assist, however necessary, the Lead Incident Responder with investigations and security incidents from triage through containment, eradication, recovery, and post-incident review. Perform host, network, cloud, and memory forensics. Assist with IR playbooks and the evidence chain.

Fraud assessment. Drive deep analysis on the source of digital fraud. From payment card to cyber-initiated fraud, understand the how and why on the digital fraud frontier.

Cross-functional partnership. Work directly with Engineering, IT, Operations, and Compliance. Translate security findings into clear asks with concrete next steps. Attack problems, not people.

Healthcare-specific risk. Apply controls that fit a HIPAA-regulated, PHI-handling environment. Help us move at purposeful speed without breaking what matters.

Who You Are

  • 10–12 years of progressive experience in security operations, with deep hands-on work across all of: digital forensics, incident response, vulnerability management, attack surface management, threat hunting, and security analytics.
  • Demonstrated ownership of major security incidents end-to-end - you've been the technical lead, not just on the bridge.
  • Working knowledge of cloud security, endpoint detection and response, SIEM platforms, identity providers, and modern attacker tradecraft (MITRE ATT&CK fluency expected).
  • Detection engineering experience — you've written, tuned, and retired detections, and you can defend your choices with data.
  • Scripting and automation proficiency (Python, PowerShell, or similar) — enough to build what you need rather than wait for it.
  • Demonstrated, hands-on use of AI tools (Claude, ChatGPT, GitHub Copilot, or equivalent) as part of day-to-day security work — not just experimentation. You can point to specific examples of how AI changed your throughput, your detection quality, or your time-to-resolution.
  • Clear point of view on AI safety and data handling — especially what's appropriate to send to which tools when PHI, credentials, or sensitive telemetry are involved.
  • Clear written and verbal communication. You can brief an engineer, a clinician, and an executive on the same incident and have all three walk away with what they need.

Strongly Preferred

  • Experience in a healthcare, fintech, or other regulated environment with sensitive data handling requirements.
  • Working familiarity with HIPAA, HITRUST, or SOC 2 from the operator side — not just the audit side.
  • Industry certifications such as GCFA, GCIH, GNFA, GCTI, OSCP, or equivalent demonstrated expertise.
  • Experience supporting M&A security integration or multi-entity environments (we operate across several subsidiaries).
  • Experience building AI-assisted workflows or automations for security operations (custom prompts, agentic workflows, integrations with SIEM/EDR/ticketing).
  • Familiarity with prompt engineering, retrieval-augmented patterns, or building internal tooling on top of LLM APIs.

Skills

PythonPowerShellSIEMEdrMitre Att&CkCloud SecurityDigital ForensicsIncident ResponseVulnerability ManagementThreat Hunting
Zocdoc

Senior Staff Security Engineer, Vulnerability Management

ZocdocUnited States

Senior Staff Security Engineer owning the roadmap for an AI-driven vulnerability scanning, triage, and automated remediation platform. Requires 8+ years in security engineering with deep cloud/container expertise, offensive security experience, and proficiency in Python/Go/Rust.

200k – 290k
Remote8+ YOESecurity Engineering
Plaid

Staff Software Engineer

PlaidNew York, NY +2

Staff Software Engineer building and leading development of Plaid's core security infrastructure including IAM, key management, encryption, and access control systems. Requires experience with scalable secure systems architecture plus technical leadership.

222k – 328k
Hybrid7+ YOESecurity Engineering
Anthropic

Staff+ Application Security Engineer

AnthropicSan Francisco, CA +2

Staff Application Security Engineer focused on M&A due diligence and secure integration of acquired codebases and systems at Anthropic. Lead security assessments, risk readouts, post-close remediation and automation using Claude, while contributing to core AppSec work. Requires 7+ years AppSec experience, rapid codebase assessment skills, and coding ability.

320k – 485k
Hybrid7+ YOESecurity Engineering
Confluent

Staff Security Risk & Compliance Program Manager

ConfluentTexas

Own and evolve Confluent's internal access management program with focus on machine/workload identity, S2S auth, non-human identities, and AI agent controls. Set the Access Management Standard, own metrics/reporting/OKRs, and drive governance, risk reduction, and cross-functional execution for least-privilege outcomes.

222k – 261k
Remote8+ YOESecurity Engineering
Abridge

Senior/Staff Infrastructure Security Engineer

AbridgeSan Francisco, CA +1

Senior/Staff Infrastructure Security Engineer building self-service security platforms, automating DevSecOps workflows, and designing high-scale security data pipelines and IaC guardrails in a greenfield cloud-native environment at an AI healthcare company. Requires 8+ years software engineering experience with deep cloud and IaC expertise.

214k – 252k
Remote8+ YOESecurity Engineering