Security Analyst

Summary:

Role & responsibilities:

Operational Security & Incident Response

- Monitor, review, and analyze security alerts and events from SIEM, EDR, and cloud platforms to identify, triage, and respond to threats.

- Escalate, investigate, and coordinate incident response activities as needed, collaborating with global and regional teams.

- Support regional offices by addressing security requests, conducting investigations, and providing tailored security guidance.

- Maintain accurate documentation of incidents, investigations, and actions taken within incident reports.

Detection Engineering & Content Management

- Design, implement, and tune detection rules, analytics, and pipelines to improve threat coverage and reduce false positives.

- Manage the full lifecycle of detection content: ideation, development, testing, deployment, and retirement.

- Map detection logic to adversary frameworks (e.g., MITRE ATT&CK) and track coverage against evolving threats.

Threat Hunting & Analytics

- Develop and execute hunt hypotheses based on threat intelligence, telemetry, and environmental changes.

- Share hunt outcomes and lessons learned to strengthen overall detection and response posture.

Threat Intelligence Integration

- Collect, analyze, and operationalize threat intelligence relevant to MathWorks threat landscape.

- Integrate CTI into detection engineering and hunting to anticipate and disrupt adversary behaviors.

- Maintain awareness of emerging TTPs, vulnerabilities, and global threat activity.

Minimum qualifications:

Additional qualifications:

Required Skills:

- Hands-on experience with SIEM, EDR, and cloud security tools.

- Proficiency in triaging and responding to security alerts and incidents in a global enterprise environment.

- Scripting/automation skills (Python, PowerShell, Bash) for detection, hunting, or process improvement.

- Understanding of MITRE ATT&CK and adversary behavior frameworks.

- Experience with threat intelligence platforms and integrating CTI into detection or response workflows.

- Strong analytical, documentation, and communication skills for cross-team collaboration.

Preferred Skills:

- Experience with detection-as-code, SOAR platforms, and automation of security operations.

- Experience supporting regional/global offices and collaborating across time zones.

- Commitment to continuous learning and professional development in security operations and detection engineering.

keshavk@mathworks.com