Senior Cybersecurity Operations Analyst
Who are we?
Versant Health is one of the nation's leading administrators of managed vision care, serving over 35 million of our clients' members across the United States. Our purpose is to make healthy vision a reality for everyone by improving access to care and education in the communities we serve. Fueled by our mission to improve members' lives with easy-to-use vision solutions rooted in choice, value, and care, we believe that everyone has the power to become anything they set their sights on.
See how you can make a difference with the support of strong leadership and a team environment.
Versant Health: Making Healthy Vision a Reality for Everyone
What are we looking for?
The Senior Cybersecurity Operations Analyst supports and advances the organization’s Information Security program by protecting the enterprise against evolving cyber threats. This role is responsible for leading incident response activities, investigating and analyzing security events, optimizing security controls, and collaborating cross-functionally to strengthen the organization’s overall security posture.
The Senior Cybersecurity Operations Analyst provides hands-on technical leadership through proactive threat hunting and the continuous enhancement of detection and response capabilities. This position contributes to the ongoing evolution of Versant Health’s cybersecurity operations by leveraging leading security technologies, partnering with internal stakeholders, and staying current on emerging threats and attack methodologies.
Where you will have an impact
Security Hygiene & Control Validation
- Routinely audit and validate security control coverage (e.g., XDR, ZTNA, DLP) to ensure tools are operating effectively and protect 100% of intended assets.
- Partner with the SOC to ensure log integrity across security and non-security systems; validate alert scope, fidelity, and thresholds.
- Monitor the health and performance of security tools, performing root cause analysis when agents fail or policies are not properly applied.
Incident Response, Event Monitoring, & Threat Hunting
- Serve as the Tier 2 escalation point for the SOC and lead the full incident response lifecycle, from containment through recovery.
- Conduct proactive threat hunting using threat intelligence, SOC findings, and behavioral analysis to identify threats that bypass automated controls.
- Analyze threat intelligence to inform defensive strategies and continuously improve detection capabilities.
- Collaborate with the SOC to develop, refine, and maintain incident response playbooks aligned to business context.
- Monitor and analyze security alerts from SIEM, EDR, and other tools to identify and respond to potential threats.
- Implement and enforce security controls, policies, and procedures to protect organizational assets.
Blue, Red, and Purple Team Activities
- Lead the development and execution of recurring security wargames, including scenario design and cross-functional participation.
- Actively participate in and lead blue team activities focused on defensive security, detection, and incident response.
- Collaborate in purple team exercises to validate detection and response effectiveness against real-world attack scenarios.
- Participate in internal red team exercises, penetration tests, and simulated attacks to identify security gaps and control weaknesses.
- Perform adversary emulation by modeling tactics, techniques, and procedures (TTPs) of known threat actors.
- Share insights, lessons learned, and intelligence across teams to continuously improve security posture.
- Use findings from offensive testing to optimize SIEM rules, EDR/CASB/SWG policies, firewall configurations, and other security controls.
Security Tool Management
Configure, maintain, and optimize a broad portfolio of security technologies, including:
- Security Information and Event Management (SIEM): Log aggregation, correlation, tuning, and alerting.
- Endpoint Detection and Response (EDR): Threat detection and response across endpoint environments.
- Attack Surface & Exposure Management (ASM/AEM): Continuous discovery and prioritization of vulnerabilities and exposures.
- Cloud Access Security Broker (CASB): Enforcement of security controls for cloud applications and services.
- Secure Web Gateway (SWG): Inspection of web traffic and protection against web-based threats.
- Data Loss Prevention (DLP): Design, implementation, and management of policies to prevent unauthorized data exfiltration across endpoints, networks, and cloud environments.
Security Operations & Support
- Respond to and resolve security-related tickets and user inquiries.
- Provide guidance and best practice recommendations to end users and IT partners.
- Troubleshoot security tool issues and perform root cause analysis.
Documentation, Reporting, & Communication
- Create and maintain detailed documentation for incident response procedures, security tool configurations, and security advisories.
- Generate and present reports on security incidents, trends, and overall security posture to management.
- Communicate clearly and effectively with stakeholders during and after security incidents.
Mentorship & Collaboration
- Serve as a mentor to junior analysts, providing technical guidance, coaching, and training.
- Actively solicit feedback from peers and partners to improve operational effectiveness and team maturity.
- Support special projects and other duties as assigned.
What’s necessary to do the job?
- Bachelor's degree required
- 5+ years of experience in cybersecurity, with a strong focus on security operations and incident response
- Deep hands-on experience administering and maintaining SIEM, EDR, and related security tools
- Strong understanding of networking concepts, TCP/IP, Active Directory, DNS, DHCP, and network defense technologies
- Proficiency with Windows, Linux, and macOS operating systems
- Experience with cloud security platforms (e.g., AWS, Azure)
- Knowledge of secure engineering principles and technical security testing methodologies
We offer a comprehensive and competitive total rewards package designed to support your health, financial well-being, and work-life balance. Benefits include medical, dental, and paid vision coverage; paid time off and company holidays; retirement savings with employer contribution; employee wellness resources; and professional development opportunities. Additional benefits may include flexible work arrangements, employee assistance programs, and other programs that support you both at work and beyond.
This role is compensated through a fixed annual salary. The expected salary range for this position is $138,000.00 – $154,000.00 annually, based on role scope, experience, and market considerations. This position is not eligible for bonus or incentive compensation.
HIPAA & Security Requirements
All Associates must comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) as it pertains to disclosures of protected health information (PHI) as described in the Notice of Privacy Practices and HIPAA Privacy Policies and Procedures. As a component of job roles and responsibilities, Associates may have access to covered information, cardholder data or other confidential customer information which must always be protected. As a result, Associates must explicitly adhere to all data security guidelines established within the Company’s Privacy & Security Training Program.
Versant Health will never request money from candidates who seek employment with us and will never ask for any payment as part of the recruitment process.
Versant Health is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at Versant Health without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.
Our purpose is to make healthy vision a reality for everyone by improving access to care and education in the communities we serve. Fueled by our mission to improve members’ lives with easy-to-use vision solutions rooted in choice, value, and care, Versant Health believes that everyone has the power to become anything they set their sights on.
Our team is guided by core Leadership Principles—Perspective, Care, Drive, and Ownership—which shape how we work, lead, and grow together.
Our Management Team is committed to fostering a strong and supportive culture, cultivating a thriving work environment, providing clear direction, optimizing resources, enabling innovative solutions, and driving meaningful results.