The **Principal Security Analyst** is a senior individual contributor responsible for detecting, analyzing, and reducing security risk across enterprise systems, cloud environments, endpoints, and applications. This role combines advanced threat detection and incident response expertise with security engineering-minded improvements to monitoring, automation, and control effectiveness.

The **Principal Incident Response Analyst** is the senior individual-contributor authority responsible for leading complex security incident investigations, coordinating response across technical and business teams, and driving measurable improvements to detection, containment, eradication, and recovery capabilities. This role exists to ensure the organization can rapidly reduce impact from security events, preserve evidence, meet regulatory obligations, and continuously harden systems based on real incident learnings.

The **Principal Detection Analyst** is the senior-most individual contributor (IC) responsible for designing, improving, and governing high-fidelity security detections that identify adversary behavior across endpoints, cloud environments, networks, identity systems, and applications. This role combines deep threat and telemetry expertise with practical detection engineering to reduce mean time to detect, increase true-positive signal, and measurably improve security coverage against real-world tactics and techniques.

The **Lead Vulnerability Management Analyst** owns the day-to-day and strategic execution of an organization’s vulnerability management (VM) program, ensuring technology risks are identified, prioritized, communicated, and driven to remediation. This role blends deep technical judgment with program leadership—translating scan results and threat intelligence into practical actions across engineering, infrastructure, and operations teams.

The **Lead Threat Intelligence Analyst** is a senior, hands-on security analyst who designs, runs, and continuously improves an organization’s threat intelligence (TI) capability to reduce cyber risk. The role turns raw signals (telemetry, OSINT, vendor feeds, dark web monitoring, incident learnings) into **actionable intelligence** that informs detection engineering, incident response, vulnerability management, and security strategy.

The Lead SOC Analyst is a senior, hands-on security operations professional responsible for directing day-to-day threat detection, triage, incident response execution, and continuous improvement within the Security Operations Center (SOC). This role combines deep technical expertise with shift/team leadership to ensure consistent analyst performance, high-quality investigations, and reliable operational outcomes.

The Lead Security Analyst is a senior individual contributor (IC) within the Security function responsible for protecting the organization’s systems, products, and data by leading high-signal detection, incident response, threat hunting, and security operational improvement. This role blends deep hands-on technical analysis with “lead” accountability—coordinating response efforts, mentoring analysts, driving playbook maturity, and influencing security controls across engineering and IT.

The **Lead Incident Response Analyst** leads the identification, containment, eradication, and recovery of cybersecurity incidents in a software or IT organization. This role combines deep hands-on technical investigation capability with incident command leadership, ensuring incidents are handled quickly, consistently, and with strong evidence, communications, and follow-through.

The **Lead Detection Analyst** is a senior security analyst responsible for designing, improving, and operationalizing detection logic that identifies malicious activity across endpoints, networks, cloud platforms, and SaaS environments. The role blends deep investigative skill (understanding attacker behavior and telemetry) with detection engineering practices (building, testing, tuning, and maintaining detections at scale).

The **Junior Vulnerability Management Analyst** supports the organization’s vulnerability management lifecycle by helping identify, validate, prioritize, track, and report vulnerabilities across infrastructure, endpoints, cloud, and applications. The role focuses on operational execution (scanning support, data quality, ticketing, reporting, and remediation coordination) under the guidance of a Vulnerability Management Lead or Security Operations Manager.

The **Junior Threat Intelligence Analyst** supports the organization’s security outcomes by collecting, triaging, enriching, and communicating threat intelligence that helps prevent, detect, and respond to attacks against company systems, products, customers, and employees. This role converts external and internal signals (e.g., OSINT, commercial feeds, security alerts, vulnerability disclosures, phishing reports) into **actionable intelligence** for Security Operations, Incident Response, Vulnerability Management, and Engineering.

The Junior SOC Analyst is an entry-level security operations role responsible for monitoring, triaging, and escalating security alerts to protect a software or IT organization’s systems, cloud environments, and customer data. The role focuses on first-line (Tier 1 / L1) detection and response activities, ensuring that potential threats are identified quickly, documented accurately, and routed to the right responders with sufficient context.

The **Junior Security Analyst** supports day-to-day cybersecurity operations by monitoring security signals, triaging alerts, escalating suspected incidents, and assisting with vulnerability and access control processes. The role exists to provide reliable “first-line” security coverage, improve detection-to-response speed, and reduce operational risk through consistent analysis and disciplined execution.

The **Junior Incident Response Analyst** supports the detection, triage, containment, and documentation of cybersecurity incidents affecting a software company or IT organization. This role focuses on **first-pass investigation**, evidence handling, and executing established response playbooks under the guidance of senior incident responders, a SOC lead, or an incident response manager. The position is designed to build strong operational discipline, analytical thinking, and technical foundations in security operations and incident response.

The **Junior Detection Analyst** is an early-career security operations role focused on identifying, validating, and improving detections for suspicious or malicious activity across endpoints, identities, cloud services, and networks. The role supports the organization’s ability to **detect threats quickly and accurately** by triaging security alerts, investigating signals, and contributing to detection content (rules, queries, and playbooks) under guidance.

The Incident Response Analyst is an individual contributor in the Security organization responsible for detecting, triaging, investigating, and coordinating response to cybersecurity incidents affecting a software or IT environment. The role blends technical investigation (endpoint, identity, cloud, network, and application signals) with structured response execution (containment, eradication, recovery, and post-incident improvement).

A **Detection Analyst** designs, tunes, and operates security detections that identify malicious activity and policy violations across endpoints, identities, cloud workloads, networks, and applications. The role sits at the intersection of SOC operations, threat intelligence, and security engineering, translating attacker behavior into actionable alerts and high-fidelity detection logic that can be triaged and responded to quickly.

The Associate Vulnerability Management Analyst supports the company’s vulnerability management program by identifying, validating, prioritizing, and tracking remediation of security vulnerabilities across endpoints, servers, cloud resources, and applications. This role turns raw scanner findings into actionable, risk-based work for engineering and IT teams, while maintaining high data quality, consistent reporting, and predictable remediation workflows.

The **Associate Threat Intelligence Analyst** collects, curates, and analyzes threat data to help the organization understand who might attack, how they operate, and what the company should do to reduce risk. This role turns raw signals—open-source reporting, vendor feeds, internal telemetry, and incident learnings—into actionable intelligence that improves detection, incident response, vulnerability prioritization, and security decision-making.

The **Associate SOC Analyst** is an entry-level security operations role responsible for continuously monitoring security telemetry, triaging alerts, performing first-pass investigation, and escalating confirmed or high-risk events to senior analysts and incident responders. The role exists to provide consistent, high-coverage detection and response capability for a software or IT organization, ensuring suspicious activity is quickly identified, contained, and documented.

The Associate Security Analyst is an early-career security operations and assurance role responsible for monitoring, triaging, and supporting the response to security events across a software or IT organization. The role focuses on executing defined processes—alert handling, basic incident response support, vulnerability management support, access governance checks, and evidence collection—while building the technical and analytical depth required for more independent ownership.

The **Associate Incident Response Analyst** supports the detection, triage, investigation, and coordinated response to security incidents affecting company systems, applications, and data. This role operates as a front-line incident handler under the guidance of senior incident responders and the SOC/IR leadership, ensuring events are accurately assessed, documented, escalated, and resolved with minimal business impact.

The Associate Detection Analyst designs, tunes, and validates security detections that identify suspicious activity across endpoints, identity systems, networks, cloud platforms, and core business applications. This role turns raw telemetry (logs, events, alerts) into reliable detection content (rules, queries, correlation logic, and playbooks) that helps the organization detect threats earlier and reduce noise for Security Operations.