Cybersecurity Operations Analyst II

Remote

Job Id: 160605

Job Category:

Job Location: Remote

Security Clearance: No Clearance

Business Unit: Piper Companies

Division: Piper Enterprise Solutions

Position Owner: Connor Gordon

Piper Companies is seeking a Cybersecurity Operations Analyst II to join a growing security operations team responsible for threat detection, incident response, vulnerability management, and continuous improvement of defensive capabilities. This role is ideal for a cybersecurity professional who enjoys hands-on investigative work, owning key functions in a small-team environment, and directly influencing the maturity of a security operations program.

As a Cybersecurity Operations Analyst II, you will serve as a primary escalation point for security alerts, incidents, and threat investigations. You’ll partner closely with IT, business stakeholders, and leadership to ensure systems, data, and users remain secure against evolving threats.


Key Responsibilities

Threat Detection & Investigation

  • Monitor and triage alerts from SIEM, EDR, email security, and network monitoring tools.
  • Investigate escalated events from MSSPs or automated detections.
  • Conduct threat hunting activities leveraging IOCs, suspicious patterns, and cyber threat intelligence.

Incident Response

  • Lead response activities for medium-to-high severity security incidents.
  • Perform root cause analysis and develop detailed post-incident reports.
  • Collaborate with IT and business teams to contain, eradicate, and recover from threats.

Security Tool Management

  • Maintain and tune SIEM, EDR, and additional security tools to improve detection accuracy.
  • Build and refine custom detection rules, dashboards, alerts, and reporting capabilities.

Vulnerability & Risk Management

  • Oversee the vulnerability management lifecycle, including scanning, analysis, prioritization, and remediation tracking.
  • Validate and categorize vulnerabilities based on exploitability and business impact.
  • Partner with IT teams to provide patching and configuration guidance.
  • Ensure timely remediation of identified risks.

Collaboration & Communication

  • Serve as liaison between Security Operations and IT/business units.
  • Provide technical direction and mentorship to Tier 1 analysts.
  • Communicate findings and risk assessments in clear, non-technical language.

Continuous Improvement

  • Recommend enhancements to tools, workflows, detection logic, and response procedures.
  • Maintain and refine incident response runbooks and escalation guidelines.

Qualifications

Required:

  • 5+ years of experience in Security Operations, Incident Response, Threat Detection, or a related field.
  • Hands-on experience with SIEM, EDR, and network security technologies.
  • Strong understanding of threat actors, attack techniques (MITRE ATT&CK), and security best practices.
  • Ability to analyze logs, packets, system telemetry, and behavioral indicators.
  • Excellent communication skills, written and verbal.

Preferred:

  • Experience working on small or cross-functional security teams.
  • Familiarity with cloud environments such as AWS, Azure, or GCP.
  • Industry certifications such as Security+, CySA+, GCIH, GCIA, or equivalent.
  • Scripting skills in Python, PowerShell, or Bash for automation and tooling.

Compensation:

  • $120,000-$140,000
