Information Security Analyst
Threat & Detection · Hybrid (U.S.-based) · Full-time
Role Overview
We are hiring an Information Security Analyst focused on threat detection and offensive-security-informed assessment. You'll help evaluate client environments the way an attacker would, analyze detection and logging coverage, and translate findings into actionable improvements that strengthen monitoring and response. This is a hands-on analyst role for someone who thinks in attack paths and wants to make defenses measurably better.
Responsibilities
- Analyze detection, logging, and monitoring coverage across client environments
- Map findings to MITRE ATT&CK and identify gaps in visibility and response
- Support offensive-security-informed assessments and help validate exploitability of findings
- Review SIEM and alerting configurations and recommend tuning
- Document threats, attack paths, and remediation guidance for technical and executive audiences
- Stay current on emerging threats, TTPs, and relevant CVEs
Qualifications
- 2+ years in security analysis, SOC operations, or threat detection
- Familiarity with MITRE ATT&CK and common detection / SIEM tooling
- Exposure to offensive security concepts (pentest findings, exploit validation)
- Working knowledge of at least one cloud platform (AWS, GCP, or Azure)
- Strong written communication, able to translate technical findings into business impact
- Bonus: scripting (Python), IaC familiarity, or relevant certs (e.g., OSCP, GCIH)
Why Arbure
- Expert-Driven Culture: We're a team of practitioners focused on outcomes, not checklists
- High Growth: Join us as we scale into new markets and capitalize on growing compliance complexity
- Strong Market Positioning: A QSA Company with a growing book of enterprise work
- Impact: Help shape the future of offensive-security-informed defense