Senior Security Operations Analyst

About Extend:

What You'll Do: 

• Serve as a core member of Security Operations, monitoring and triaging alerts from platforms such as SentinelOne and Wiz. Perform end-to-end investigations to identify, contain, and remediate threats and incidents, driving timely, appropriate response.
• Proactively identify and assess vulnerabilities in infrastructure and code, working with development and other cross functional teams to address issues.
• Contribute to the end-to-end detection lifecycle: model attacker behaviors (MITRE ATT&CK), write and test detections as code across security programs and tooling (SentinelOne, Wiz, Okta, AWS CloudTrail), and continuously enrich to reduce false positives and improve MTTD. Support data quality and telemetry onboarding, maintain response playbooks, and provide threat validation assistance across the business.
• Assist teams with the application of secure configuration baselines and best practices in accordance with CIS Benchmarks, NIST, vendor hardening guides, and applicable compliance standards across all company computing assets.
• Correlate endpoint and infrastructure telemetry to identify emerging threats. Curate and operationalize intelligence (IOCs, TTPs) into detections and response playbooks, and maintain vetted intelligence feeds.
• Assist GRC initiatives by mapping controls to internal policies and frameworks (e.g., SOC 2, NIST CSF, NYC DFS 500), identifying gaps, supporting audits and evidence collection, tracking remediation, and maintaining policies and control documentation.
• Work with engineering and business teams to champion security best practices, communicate risks to accountable owners, and assist with mitigation planning and execution.

What We Are Looking For: 

• 3+ years experience in a Security Analyst / Security Operations role
• 3+ years experience with AWS CloudFormation, or other infrastructure-as-code systems (like Terraform)
• 3+ years experience or certification in AWS serverless technologies (API Gateway, Lambda, S3, DynamoDB)
• Certifications (one or more preferred): CISSP, CCSP, GIAC (GCIH/GCIA/GMON/GCED/GCFA/GREM), cloud security (AWS or cloud agnostic security specialty) or equivalent experience.
• Proficiency with hands on management and use of SIEM, CNAPP, EDR, Vulnerability Management tooling, and Detection Engineering strategies.
• Proficiency with AI technologies and the corresponding threat landscape and strategies for mitigation. Understands agentic workflows such as AWS Bedrock, MCP based workflows (or similar technologies)
• Working Knowledge of best practices around security roles and responsibilities for AWS IAM
• Experience working with observability services and tooling (including Coralogix, CloudWatch, OpenTelemetry)
• Ability to perform in a high energy environment with dynamic job responsibilities and priorities

Nice to Haves: 

• Experience with AWS Cloud Development Kit(CDK)
• Experience with Mastra AI

Expected Pay Range: $157,000 - $182,000 per year salaried*

* The target base salary range for this position is listed above. Individual salaries are determined based on a number of factors including, but not limited to, job-related knowledge, skills and experience.

Life at Extend:

• Working with a great team from diverse backgrounds in a collaborative and supportive environment.
• Competitive salary based on experience, with full medical and dental & vision benefits.
• Stock in an early-stage startup growing quickly.
• Generous, flexible paid time off policy.
• 401(k) with Financial Guidance from Morgan Stanley.

Extend CCPA HR Notice