Security Analyst III - Cyber Defense

About the Company At Playlist, life's richest moments happen when people step away from screens to move, connect, explore, and play. We're building the definitive platform for intentional living, connecting people with inspiring experiences in fitness, wellness, and beyond. With popular brands like Mindbody and ClassPass, Playlist empowers businesses and individuals, making it effortless for aspirations to become actions. Join us in reshaping technology's role to foster meaningful, real-world connections. Who we are We are a dedicated team of security professionals focused on evolving Playlist's security posture. Our collective goal is to protect the future, fostering increased opportunities for wellness businesses worldwide to empower their customers in leading secure and healthy lives. Committed to a higher purpose, we continuously challenge ourselves and our organization to excel, understanding the strength derived from collaborative efforts towards a common goal. We are advocates for a diverse workplace, fostering an environment where individuals can bring their authentic selves to contribute to our shared success. At the heart of our achievements lies the belief in the value of our people. If you share our passion and vision, consider joining our team, and let's explore the remarkable feats we can achieve together! Your role The Security Analyst III is a critical expert position within our Security Operations Center, serving as the second most senior member of the SOC team. This role combines expert-level incident response leadership with team mentorship, operational process improvement, and proactive threat defense capabilities. The ideal candidate brings deep security operations experience and proven incident command abilities, enabling them to lead our most complex security incidents, elevate our team's technical capabilities, and drive operational maturity. You'll work directly with the Director of Cyber Defense to strengthen our incident response resilience, optimize detection coverage, and build the foundational processes that enable our SOC to scale. Success in this role requires broad technical expertise across modern cloud and SaaS environments, strong technical leadership and mentorship abilities, self-directed operational thinking, and the capability to identify and solve problems proactively. You'll be the expert in the room that others look to for guidance during our most challenging security events. Responsibilities Lead complex security incidents as incident commander from detection through resolution, providing expert-level response capabilities Mentor our incident response team on advanced IC techniques, stakeholder management, driving incident closure, and conducting effective after-action reviews Serve as technical escalation point for investigations requiring deep expertise in cloud security, application security, and modern adversary techniques Develop team capabilities through hands‑on mentorship during real incidents, teaching investigative methodologies and building technical depth in cloud, application, and detection fundamentals Proactively identify and fix operational gaps without being directed—establish SOC metrics, improve processes, document workflows, and optimize our MSSP partnership Improve detection coverage by conducting post-incident analysis, mapping gaps to MITRE ATT&CK, partnering with MSSP on custom rules and alert tuning Conduct threat-informed activities including hypothesis-driven threat hunts, operationalizing threat intelligence, and translating threat landscape insights into detection improvements Build relationships with service-owning teams to improve cross-team coordination and SOC engagement About the right team member You are a seasoned security operations professional with proven leadership abilities who thrives on building operational excellence. You see problems and fix them without waiting to be told. You're equally comfortable leading a critical incident at 3am, mentoring a junior analyst through a complex investigation, or identifying process gaps that need attention. You lead from the front through expertise and example, not authority. You value documentation and repeatability while knowing when to challenge existing processes. You're looking for high autonomy, direct impact, and the opportunity to shape how a growing SOC operates. You’ll thrive in this role with experience in Must Have 7–10+ years in security operations with proven incident commander experience leading complex, multi‑team security incidents Strong cloud security knowledge (AWS, Azure, or GCP) including architecture, IAM, logging, and attack patterns Expert investigation skills across SIEM (Google Chronicle preferred), EDR (CrowdStrike preferred), and cloud security platforms Demonstrated ability to mentor analysts and improve team technical capabilities Self‑directed operational mindset—identifies gaps and implements solutions without constant oversight MITRE ATT&CK framework expertise and understanding of modern adversary techniques Strong communication skills for directing senior analyst during incidents and explaining complex topics clearly Nice to Have Detection engineering or SIEM rule writing experience Threat hunting methodologies and frameworks Threat intelligence consumption and operationalization Scripting/automation (Python, PowerShell) Application security fundamentals GIAC (GCIA, GCIH, GCFA), CISSP, or comparable certifications Compensation It is Playlist’s intent to pay all Team Members competitive wages and salaries that are motivational, fair and equitable. The goal of Playlist’s compensation program is to be transparent, attract potential employees, meet the needs of all current employees, and encourage Team Members to stay with our organization. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. The base salary range for this position in the United States is $100,000 to $130,000. The total compensation package for this position may also include a performance bonus, benefits and/or other applicable incentive compensation plans. Equal Opportunity Employer The Company is an Equal Opportunity Employer. We highly value diversity at our company and encourage people of all different backgrounds, experiences, abilities and perspectives to apply. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other protected characteristics. Disclaimer Note: This description outlines key responsibilities but isn’t intended to cover every task or duty. Additional responsibilities may be assigned as needed to support the team and business goals. #J-18808-Ljbffr Playlist