Security Analyst Iii

We're revolutionizing the fitness & wellness industry, and we're looking for talented people to help us do it. Mindbody + ClassPass bring together the best of both sides of the market: Mindbody is the industry's most trusted all-in-one technology platform; ClassPass is one of the most popular apps for fitness & self-care enthusiasts. Together we're partnering with more than 70,000 fitness studios, gyms, salons, and spas around the world. We're not just another tech company—we're far and away the leader of our industry. So join the team, work with mission-led people, and enjoy amazing benefits. Let's see what we can accomplish together**Who we are**:We are a dedicated team of security professionals focused on evolving Mindbody's security posture. Our collective goal is to protect the future, fostering increased opportunities for wellness businesses worldwide to empower their customers in leading secure and healthy lives. Committed to a higher purpose, we continuously challenge ourselves and our organization to excel, understanding the strength derived from collaborative efforts towards a common goal. We are advocates for a diverse workplace, fostering an environment where individuals can bring their authentic selves to contribute to our shared success. At the heart of our achievements lies the belief in the value of our people. If you share our passion and vision, consider joining our team, and let's explore the remarkable feats we can achieve together**Your role**:**You'll likely spend time working on**:- Review and analyze security alerts generated by the SIEM system, prioritizingand triagingalerts based on severity and potential impact- Manage and optimize security operation technologies and functions such as SIEM, TIP, andincident response case management to enhance the organization's security visibility- Evaluate security data sources and use cases for consideration in the improvement and expansion of the team's detection capabilities- Lead incident response efforts, including investigation, containment, eradication, and recovery from security incidents and breaches. Participating in the team's on-call rotation for critical incident escalations- Conduct root cause analysis and post-incident reviews- Develop and evangelize incident response playbooks and procedures for CSIRT- Steer the Cyber Threat Intelligence (CTI) program to continually monitor emerging security threats, trends, and technologies. Provide recommendations for improving security controls and processes to mitigate risks efficiently- Gather and analyze cyber threat intelligence from various sources, correlate it with security events and incidents, and provide actionable insights to the security team and stakeholders- Conduct proactive threat hunting activities to identify potential threats, develop and implement methodologies and tools, and document findings with recommended mitigation strategies- Monitor and analyze user behavior to detect potential insider threats, investigate suspicious activities and recommend appropriate actions, and develop and implement insider threat detection and response strategies- Provide guidance, support, and mentorship to junior team members who demonstrate a willingness to learn and take on new challenges- Aid in the gathering of evidence for compliance audits**About the right team member**:You are an experienced, self-motivated security professional who is passionate about leading and executing impactful and high-quality security initiatives. You know the best security is created through collaboration and iteration, and you are looking for the right opportunity and the right team to expand your experience.**You'll thrive in this role with experience in**:- Broad and deep knowledge of security concepts, principles, and best practices- 5-7 years information security and/or technology experience, 3+ years in a similar cyber security analyst role- Exceptional decision-making skills, demonstrating a track record of effectively evaluating the costs and benefits of various courses of action to find the optimal solution- Comfortable communicating with a broad audience, including executives, clients, and cross-functional teams- Skilled in the analysis of threat event data and recognition of tactics, techniques, and procedures (TTPs) employed by threat actors- Experience with operating and managing SIEM (e.g., Google Chronicle, Splunk) and- Endpoint, Detection and Response (EDR) tools- Familiar with scripting languages for automation (e.g., Python, Bash, PowerShell)- Experience with cloud security and monitoring (e.g., AWS, Azure, Google Cloud)- Strong background in incident response and handling complex security incidents- Experience in cyber threat intelligence gathering and analysis and threat hunting methodologies and tools- CISSP, GIAC or comparable certifications strongly preferred**Have we piqued your curiosity?**:Sound like the role for you? We'd love to hear from yo