Senior Security Operations Analyst

Glocomms is partnering with a well known private wealth management firm looking to expand their technology team. The Senior Security Operations Analyst is responsible for operating, enhancing, and automating enterprise security controls to protect organizational systems. This role partners closely with IT and business stakeholders to investigate security incidents, reduce attack surface, and manage vulnerabilities.

Key Responsibilities

• Operate, configure, and optimize enterprise security tools including Microsoft Defender (Endpoint, Email, Cloud), Azure Security and Compliance (DLP, Purview), Rapid7 (Vulnerability Management and SIEM), and Cisco Umbrella.
• Evaluate and deploy new security technologies to strengthen the organization's security posture.
• Continuously improve monitoring, detection, and response capabilities.
• Lead and participate in security incident investigations, including triage, root cause analysis, and remediation.
• Coordinate corrective actions and post-incident improvements across technical teams.
• Support development of proactive security controls to reduce future risk.
• Develop and maintain automation using PowerShell, Python, or similar tools to streamline security operations.
• Integrate security tooling into operational workflows to improve efficiency and consistency.
• Operate the vulnerability management program using tools such as Rapid7, Nessus, or Qualys.
• Analyze findings, prioritize risk, and coordinate remediation with infrastructure and application teams.
• Track risk reduction and report on remediation metrics.
• Leverage public and proprietary threat intelligence to identify emerging threats.
• Translate intelligence into actionable detections, controls, and defensive measures.

Qualifications & Experience

• Bachelor's degree or equivalent professional experience and certifications.
• 3+ years of experience in a security analyst or related security role (financial services experience preferred).
• Strong knowledge of Microsoft enterprise technologies including Azure, Active Directory, Office 365, Windows Server, and Windows endpoints.
• Hands-on experience with security tools such as SIEM, DLP, SOAR, IAM, endpoint protection, and IDPS.
• Proven experience administering vulnerability management platforms (Rapid7, Nessus, Qualys, or similar).
• Familiarity with security frameworks including NIST, CIS Critical Security Controls, and ISO standards.
• Demonstrated scripting and automation experience (PowerShell, Python).

Preferred Certifications

• CISSP, CISM, CEH, Security+, GSEC, or equivalent.

Skills & Competencies

• Strong analytical and critical-thinking abilities
• Ability to manage multiple priorities in a fast-paced environment
• Clear and effective written and verbal communication
• Self-directed and results-oriented
• Comfortable operating in a small team balancing tactical execution and strategic improvement

Work Environment & Requirements

• Onsite role (4 days per week)
• Ability to lift up to 15 pounds, if needed
• Must meet U.S. employment and work authorization requirements