Security Analysts
Analysts who hunt for what is actually happening — not what the dashboard says is fine.
A security analyst who only monitors alerts is not protecting you. They are watching a screen. Our analysts hunt.
They work the full spectrum: SOC operations, threat hunting, incident response, log analysis, and SIEM tuning. They know what normal looks like in your environment so they can recognize what is not — because anomaly detection only works when someone understands the baseline.
When something triggers, they do not wait for escalation. They pull the thread. They work through the chain of events, identify scope, determine what was accessed and what was not, and drive to a conclusion. Their incident reports tell you what happened, how far it went, and what needs to change — not just that something fired an alert.
Threat intelligence is not a feed they subscribe to. It is context they apply to what they are seeing in your environment right now. They know the difference between a generic IOC and evidence that something real is happening in your specific environment.
Clearances available. SOC Tier 1 through Tier 3. Hunters, incident responders, and analysts who can run a SIEM like they built it.