Security Analyst - SOC experience

Shift is the leading AI platform for insurance.  Shift combines generative, agentic, and predictive AI to transform underwriting, claims, and fraud and risk - driving operational efficiency, exceptional customer experiences and measurable business impact.  Trusted by the world's leading insurers, Shift delivers AI when and where it matters most, at scale and with proven results.

Our culture is built on innovation, trust, and a drive to transform the insurance industry through our SaaS platform. We come from more than 50 different countries and cultures and together we are creating the future of insurance.

The security team is a critical component of Shift Technology as no organization is immune to cyber-crime. The team is responsible for protecting information throughout the security infrastructure, edge devices, networks, and data. We strive to stay up to date with the latest tactics hackers are employing in the field in order to prevent data breaches by monitoring and reacting to attacks but the first step is finding the most qualified professionals to lead the way. 

 

DESCRIPTION

As a Security Analyst you will be a hands-on defender of Shift's digital environment. This is a hybrid role that combines real-time security operations (SecOps) with proactive infrastructure and application security. You will not only monitor for and respond to threats, but also help develop and automate the detections, playbooks, and responses that mature our security posture, and validate the effectiveness of our security controls.

 

RESPONSIBILITIES

Threat Detection, Monitoring, and Response Engineering

• Monitor security alerts from a variety of sources (SIEM, EDR, Cloud Security tools) to identify, triage, and investigate potential threats.
• Contribute to the development, tuning, and maintenance of detection rules and analytics in the SIEM to improve threat visibility and reduce false positives.
• Analyze security logs and data to identify anomalous or malicious activity.
• Utilize automated response actions within our security tooling (SOAR) to handle common threats efficiently and assist in identifying new opportunities for automation.

Incident Response

• Develop and maintain incident response playbooks and procedures to ensure a consistent and effective response to security events.
• First responder for security incidents, executing initial analysis and containment procedures based on established playbooks.
• Support incident response activities, including investigation, evidence gathering, and communication with stakeholders.

Security Assurance & Control Testing

• Perform regular security assurance tasks, such as user access and configuration reviews.
• Assist with the third-party risk management process by supporting technical security assessments of vendors and services.

Collaboration & Improvement

• Produce reports on security incidents and control test results, and collaborate with engineering teams on remediation efforts.
• Proactively identify potential security problems and work with partner teams to implement solutions.
• Support the CISO and the department in regular security operations and control monitoring activities.

 

SKILLS & BACKGROUND

Experience & Education

• 4+ years of experience in Security Operations (SOC), Incident Response, or a similar hands-on security role.
• Bachelor’s Degree in a relevant field or equivalent work experience.

Hands-On Technical Skills

• Hands-on experience with a SIEM platform (e.g., Azure Sentinel, Splunk) for detection engineering, log analysis, threat hunting, and triage. Familiarity with detection logic.
• Experience with Endpoint Detection & Response (EDR) tools (e.g., Palo Alto Cortex XDR, CrowdStrike, Microsoft Defender for Endpoint).
• Familiarity with network security technologies (Firewalls, IDS/IPS, WAFs) and vulnerability assessment tools (e.g., Tenable, Qualys).
• Proficient search logic and query skills (e.g., KQL, Splunk SPL), and familiarity with scripting languages (e.g., PowerShell, Python) for automation and analysis.
• Experience using SOAR platforms to investigate and respond to incidents.

Knowledge & Frameworks

• Familiarity with security frameworks, particularly MITRE ATT&CK.
• Understanding of compliance and privacy frameworks for context (e.g., ISO 27001, SOC 2, NIST CSF, HIPAA, GDPR).
• Broad understanding of core information security technologies and concepts.

Core Competencies

• A strong analytical and investigative mindset with high attention to detail.
• Excellent communication skills, with the ability to clearly articulate technical findings.
• A collaborative team player who can work effectively with technical and non-technical stakeholders.
• The ability to remain calm and methodical under pressure, especially during incident response.

 

Recruitment Process

• TA Interview
• Security team interview
• Technical interview
• CISO interview
• CTO interview

To support our permanent, full time employees at every stage of their careers and lives, we provide a competitive total rewards and benefits package. Here are the global benefits we’d like to highlight:

• Flexible remote and hybrid working options
• Competitive Salary and a variable component tied to personal and company performance
• Company equity
• Multiple Learning and Development opportunities, including Focus Fridays, a half-day each month to focus on learning and personal growth
• Generous PTO and paid holidays
• Mental health benefits 
• 2 MAD Days per year (Make A Difference Days for paid volunteering)

Additional benefits may be offered by country - ask your recruiter for more information. Intern and Apprentice position are eligible for some of these benefits - ask your recruiter for more details.

At Shift we strive to be a diverse and inclusive workforce. We welcome applications from and hire people who will contribute to the diversity of our company, without regard to race, color, religion, marital status, age, national or ethnic origin, physical or mental disability, medical condition, pregnancy, genetic information, gender identity or expression, sexual orientation, or other non-merit criteria.

Shift Technology is committed to providing reasonable accommodations for qualified individuals with disabilities in our application and employment process. Should you require accommodation, please email accommodation@shift-technology.com and we will work with you to meet your accessibility needs.

Please be aware of scammers and only trust correspondence that comes from emails ending in "shift-technology.com". We will never do initial outreach to you via Whatsapp/Text/SMS, never ask for banking information or personal identification numbers (ex. Social Security Number) as part of our recruitment process.

Shift Technology does not accept unsolicited CVs from recruiters or employment agencies in response to the Shift Technology Careers page or a Shift Technology social media post. Any unsolicited CVs, including those submitted directly to hiring managers, are deemed to be the property of Shift Technology.