Security Operations Analyst

Iterable is the leading AI-powered customer engagement platform that helps leading brands like Redfin, SeatGeek, Priceline, Calm, and Box create dynamic, individualized experiences at scale. Our platform empowers organizations to activate customer data, design seamless cross-channel interactions, and optimize engagement—all with enterprise-grade security and compliance. Today, nearly 1,200 brands across 50+ countries rely on Iterable to drive growth, deepen customer relationships, and deliver joyful customer experiences.

Our success is powered by extraordinary people who bring our core values—Trust, Growth Mindset, Balance, and Humility—to life. We foster a culture of innovation, collaboration, and inclusion, where ideas are valued and individuals are empowered to do their best work. That’s why we’ve been recognized as one of Inc’s Best Workplaces and Fastest Growing Companies, and were recognized on Forbes’ list of America’s Best Startup Employers in 2022. Notably, Iterable has also been listed on Wealthfront’s Career Launching Companies List and has held a top 10 ranking on the Top 25 Companies Where Women Want to Work.

With a global presence—including offices in San Francisco, New York, Denver, London, and Lisbon, plus remote employees worldwide—we are committed to building a diverse and inclusive workplace. We welcome candidates from all backgrounds and encourage you to apply. Learn more about our story and mission on our Culture and About Us pages. Let’s shape the future of customer engagement together!

How you will make an impact: 

We are seeking a detail orientated and process-driven Security Operations Analyst to join our Security Engineering team. This role is best suited for a Junior-level individual with some experience that is looking to transition into a Mid-level security operational role.  The ideal candidate is ready and excited to become a critical part in maintaining our daily security posture through consistent operational execution, including alert triage, incident coordination, vulnerability and threat monitoring, and validation of detection coverage.

This is a critical, hands-on security operations role and the primary operational resource supporting our Security Engineering team. Success hinges on a disciplined approach to daily execution, making this the perfect role for a process-driven individual eager to master foundational security operations and make a measurable impact on our security posture. Since this is a hands-on security operations role, your day-to-day tasks require exceptional attention to detail, comfort with repetitive workflows, and an ability to strictly follow defined runbooks and standard operating procedures (SOPs). Candidates that are disciplined, reliable, and motivated by doing foundational security operations well and embody regular, reliable, disciplined and motivated work are encouraged to apply. The willingness to learn new concepts and properly convey them to stakeholders is not only required but encouraged, as well as maintaining an open mind about different methods of accomplishing a goal. 

How You Will Make a Difference:

Alert & Incident Operations

• Alert Triage & Queue Management: Perform initial investigation, data enrichment, and escalation of alerts and tickets generated by the SIEM, SOAR, EDR, IDS, and other monitoring tools.
• Case Escalation: Identify alerts and situations requiring escalation to the Security on-call
• Incident Coordination: Maintain accurate and timely incident records in Security Incident record keeping software. The tasks include identifying ownership, timeline tracking, status updates, and ensuring retrospective remediation tasks are captured in individual Ticketing platforms
• Coordinate  communication for containment and remediation steps with relevant teams (engineering, security, support, etc.).
• Conduct detection validation, verifying false positives and adding research for alerts to tickets before escalation to senior security engineers.
• Case Documentation: Ensure investigation notes, follow-ups, retrospective analysis, and action items are consistently documented, logged, and tracked to completion.
• Perform unsupervised investigation for lower-severity incidents or exploratory cases to determine significance.
• Stay up-to-date with trending cybersecurity topics and their application to the enterprise
• Follow an escalation protocol based around certain mapped criteria for the entirety of the Security Engineering team and assist as necessary with providing evidence for any changes that are required

Threat Monitoring & Detection Support

• Understand the differences between detections, threat hunting, threat intelligence as well as their individual roles in a security program
• Act as a bridge between Security Operations and Engineering by helping translate threat research into clear, actionable deliverables with guidance from senior team members
• Provide concise and constant feedback on detections and their importance to the program, as well as identify areas of improvement for the Operational portion of workload

Vulnerability & Exposure Management

• Perform Vulnerability Management triage, including enrichment of findings, prioritization guidance, and escalation of actionable issues.
• Investigate and validate vulnerabilities, leaked secrets, and suspicious activity surfaced through scanning tools.
• Support Security Risk Register entries, including evidence collection, submission tracking, and recurring validation.
• Maintain security tooling hygiene by performing test scans, verifying dashboard integrity, confirming detection visibility, and ensuring findings properly flow to downstream systems with minimal guidance
• Assess potential issues in system operational health and provide quick writeups on the actions that were observed and their outcome to assist the Security Engineering team in quickly and efficiently identifying Incident worthy events
• Act as an Operational stakeholder and maintain accountability for day-to-day security operations by identifying outages, missing information, incorrect detections and low-level system health events

External Testing & Remediation Support

• Coordinate external penetration testing engagements, including scheduling, data gathering, issue tracking, and ensuring remediation tasks are properly logged and followed through with validation.
• Maintain a high degree of professionalism when dealing with all External communication and technical testing, whether that is in conjunction with internal Iterable teams or External teams that require assistance per our Service Level Agreements

We Are Looking for People Who:

• 2+ years experience in a Network Operations Center (NOC), Security Operations Center (SOC), Digital Forensics and Incident Response (DFIR) capacity, or Tier 2/3 IT Administrative Support role with a focus on transitioning completely into Security
• Hands-on experience with SIEM / EDR platforms and ticketing workflows
• Proven ability to strictly follow detailed procedures and runbooks with precision and provide feedback and constructive criticism of processes that can be improved upon with the wider team
• Strong analytical and pattern-recognition skills with comfort reviewing large volumes of logs and alerts with minimal assistance
• Working knowledge of security fundamentals: network protocols, common attack techniques, authentication/authorization, and cloud IAM basics
• A strong desire to learn and grow in a technical field with specific tools and processes
• Basic knowledge of several different OS types and corporate environment architecture and network structures

Bonus Points:

• Knowledge of cloud-native environments (AWS, GCP, Azure) and modern production systems.
• Experience with CI/CD pipelines, containerized environments, or cloud identity controls.
• Exercises or experience in Purple-team oriented functions at a basic level, understanding commands at an Operating System level and how they are both identified and perceived by systems and responders
• Conduct basic Threat Intel behaviors such as researching industry standard practices and trending threats
• Basic to intermediate understanding of programming logic of common practical languages and how they can relate to Security Incidents
• Demonstrated consistency in high-discipline and process-driven roles with a focus on keeping the operations running.
• Stays up to date with technical education and emerging threats, detection methods, security concepts, conferences, and has a general understanding and desire to learn more and grow
• Security-focused and Cloud Operations certificates appreciated but not required – there is strong encouragement to learn what you can on your own and then bring that knowledge back to the team
• Familiarity with cloud-native tooling and their function for personal use, small business and large enterprise
• Home-lab environments for testing different competencies listed above

Perks & Benefits:

• Competitive salaries, meaningful equity, & 401(k) plan
• Medical, dental, vision, & life insurance
• Balance Days (additional paid holidays)
• Fertility & Adoption Assistance
• Paid Sabbatical
• Flexible PTO
• Monthly Employee Wellness allowance 
• Monthly Professional Development allowance 
• Pre-tax commuter benefits
• Complete laptop workstation

The US base salary range for this position at the start of employment is $92,000 - $149,000. Within this range, individual pay is determined by specific US work location, as well as additional factors, including job-related skills, experience, relevant education or training, and internal equity considerations.

Please note that the range listed above reflects only base salary. The total compensation package includes variable pay (where applicable), equity, plus a range of benefits, including medical, dental, vision, and financial. In addition, we offer perks such as generous stipends for health & fitness and learning & development, among others.

Recruitment Disclaimer:

Please be aware that Iterable, Inc. (“Iterable”) and our official professional recruiting agencies and platforms do not:

• Send job offers from free email services like Gmail, Yahoo mail, Hotmail, etc.
• Request money, fees, or payment of any kind from prospective candidates to apply to Iterable, for employment, or for the recruitment process (e.g. for home office supplies, or training, etc.).
• Request or require personal documents like bank account details, tax forms, or credit card information as part of the recruitment process prior to the candidate signing an engagement letter or an employment contract with Iterable.

You may see all job vacancies on our official Iterable channels:

• Official Iterable website, Careers page: https://iterable.com/careers/
• Official LinkedIn Jobs page: https://www.linkedin.com/company/iterable/jobs/

Iterable is not affiliated in any way to these impostors and we hereby confirm that such individuals/entities are not authorized, encouraged, or sponsored to act on behalf of Iterable. Such job opportunities are entirely fake and not valid. Therefore, please disregard any written or oral request for a job offer or an interview that you believe is or might be fraudulent or suspicious and immediately reach out to us via email at talent-ops@iterable.com upon receiving a suspicious job offer.

Criminal and/or civil liabilities may arise from such actions, and Iterable expressly reserves the right to take legal action, including criminal action, against such individuals/entities whenever such phenomena occur. In any case, please note that under no circumstances shall Iterable and any of its affiliates be held liable or responsible for any claims, losses, damages, expenses or other inconvenience resulting from or in any way connected to the actions of these impostors.

Iterable is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. Iterable does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender-identity, sexual orientation, disability, age, military or veteran status, or any other basis protected by applicable local, state, or federal laws or prohibited by Company policy. Iterable also strives for a healthy and safe workplace and strictly prohibits harassment of any kind. Pursuant to the San Francisco Fair Chance Ordinance and other similar state laws and local ordinances, and its internal policy, Iterable will also consider for employment qualified applicants with arrest and conviction records.