Security Operations Analyst, Senior

Security Operations Analyst

Newfold Digital is a leading web technology company serving millions of customers globally. Our customers know us through our robust portfolio of brands. We have some of the industry's most prominent and storied go-to-market brands, including Bluehost, HostGator, Domain.com, Network Solutions, Register.com and Web.com. We help customers of all sizes build a digital presence that delivers results. With our extensive product offerings and personalized support, we take pride in collaborating with our customers to serve their online presence needs. The strength of our company lives in the intersection of our people, our customers, and our brands.

Security Operations Analyst is responsible for the day-to-day monitoring, analysis, and investigation of security threats across enterprise systems and networks. The role triages and responds to security alerts and incidents, working both independently and in collaboration with senior analysts on known or suspected threats.

The analyst supports incident response, threat intelligence, and forensic analysis activities in alignment with established security best practices and control frameworks. This includes identifying anomalies, escalating issues as appropriate, and contributing to the improvement of detection and response processes.

Security Operations Analysts may work shifts and participate in on-call rotations to support global operations and ensure continuous security monitoring coverage.

General Duties and Responsibilities

• Develop and deliver security reports and metrics to support operational awareness and leadership decision-making.
• Identify and support mitigation of information security risks, including evaluating projects and initiatives for alignment with security requirements, policies, and standards.
• Support internal and external audits by collecting and analyzing evidence, assessing control effectiveness, and ensuring adherence to established security frameworks and policies.
• Track and manage remediation activities, including corrective action plans and audit findings, ensuring timely resolution of identified security issues.
• Identify, investigate, and respond to security incidents, including analyzing root cause and impact to contain threats and reduce organizational risk.
• Maintain and support security tools, controls, and monitoring capabilities to ensure effective detection and response.
• Develop, implement, and continuously improve threat-informed detections and automated response playbooks, including use case development, rule creation, tuning, validation, and optimization through incident feedback and testing.
• Monitor systems and security telemetry for violations, vulnerabilities, and anomalous activity.
• Analyze and apply threat intelligence to enhance detection, response, and situational awareness.
• Identify and support onboarding and validation of security telemetry to ensure effective detection and visibility.
• Collaborate with cross-functional teams to support incident response, remediation, and security improvements.
• Assist in the evaluation and selection of security technologies and solutions to support detection, monitoring, and response capabilities.

Educational and Certification Requirements

A degree in Cybersecurity, Information Technology, Computer Science, or related field is desirable.

Industry-recognized certifications are a plus and may include: CompTIA Security+ or CySA+, Microsoft SC-200, GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Cyber Threat Intelligence (GCTI), GIAC Security Operations Certified (GSOC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and relevant cloud or security vendor certifications (e.g., SIEM, SOAR, endpoint, or cloud security platforms).

General Knowledge, Skills, and Abilities

• Working knowledge of security controls including access control, authentication, encryption, system integrity, and logging as applied to security monitoring and detection.
• Experience with security operations including monitoring, incident response, and incident management procedures, with the ability to investigate, escalate, and respond to security events.
• Ability to develop, modify, and maintain threat detection rules within SIEM platforms, including tuning alerts and improving detection fidelity.
• Understanding of security telemetry, including log collection and ingestion (e.g., syslog, Windows Event Forwarding, ELK), normalization, and data quality considerations to support effective detection and visibility.
• Strong knowledge of operating systems (Windows, Linux, macOS), identity systems (e.g., Active Directory), and network fundamentals (TCP/IP, DNS) as they relate to security monitoring and investigation.
• Experience with endpoint, network, and host-based security tools including EDR, IDS/IPS, firewalls, vulnerability scanners, and host-based detection/prevention systems.
• Ability to analyze and correlate data across multiple security and telemetry sources to identify patterns, anomalies, vulnerabilities, and potential security threats.
• Experience applying security frameworks such as MITRE ATT&CK to map adversary behaviors and support detection and response development.
• Experience with malware analysis, network forensics, and digital forensics concepts and tools; reverse engineering skills are a plus.
• Ability to assess security threats and implement timely mitigations under pressure.
• Experience using scripting languages such as Python, PowerShell, or equivalent to support automation, analysis, and response activities.
• Strong collaboration and communication skills with the ability to build effective relationships across technical and non-technical teams.
• Experience with security platforms and tools including SIEM, SOAR, EDR, vulnerability management, and threat intelligence tools (e.g., Google SecOps/Chronicle, Microsoft Defender for Endpoint, SentinelOne Singularity, Tanium Threat Response, Recorded Future).
• Experience with cloud security monitoring and native security services across AWS, Azure, Google Cloud, or OCI is a plus.
• Familiarity with security-focused frameworks, methodologies, and best practices for detection, response, and vulnerability management is a plus.
• Ability to analyze and apply threat intelligence to support detection, investigation, and response activities.
• Experience developing or working with automated response workflows and playbooks (SOAR).

Advanced professional role requiring strong technical proficiency in security operations, detection, and incident response. Works independently with minimal supervision on complex investigations, exercising sound judgment to resolve issues, identify risks, and escalate appropriately.

Serves as a senior technical resource for the team, providing guidance, mentorship, and cross-training to junior analysts while promoting consistent standards for analysis, detection, and response. Contributes to the development and continuous improvement of detection logic, alert tuning, and response playbooks.

Effectively communicates with both technical and non-technical stakeholders and collaborates with peers on complex issues to enhance team capability. May assist in coordinating and tracking tasks for junior team members.

Typically requires 5–7+ years of experience in security operations or related disciplines, with demonstrated expertise in security analysis and incident response.

This Job Description includes the essential job functions required to perform the job described above, as well as additional duties and responsibilities. This Job Description is not an exhaustive list of all functions that the employee performing this job may be required to perform. The Company reserves the right to revise the Job Description at any time, and to require the employee to perform functions in addition to those listed above.