Senior Security Analyst
Lead Bank is looking for a Senior Security Analyst to join our Security Operations team. You'll be a core contributor to our detection and response capabilities — building detections, triaging alerts, responding to incidents, and proactively hunting threats across cloud infrastructure, security tooling, and data pipelines. You'll mentor junior analysts and partner with leadership to drive our security posture forward. Your expertise will be vital in navigating the complex regulatory landscape of the banking industry and defending against advanced persistent threats.
In this role you will:
- Build, tune, and maintain detection rules and alerts in our SIEM, writing queries to identify threats and coverage gaps aligned to MITRE ATT&CK
- Own incident response execution end-to-end — containment, eradication, recovery, and lessons learned — including forensic log analysis and post-incident reporting
- Monitor and investigate security events across endpoints, cloud (AWS), identity, and network telemetry — identifying misconfigurations, anomalous activity, and suspicious behavior
- Assist with security audits and regulatory examinations, ensuring timely and accurate security documentation and evidence is provided
- Analyze systems, applications, and networks for security configurations in partnership with security engineers.
- Manage log pipelines including ingestion, parsing, normalization, and enrichment to ensure high-fidelity data is available for detection and investigation
- Triage and prioritize vulnerability findings using risk-based frameworks and track remediation SLAs with IT and Engineering
- Collaborate with Engineering on IaC and CI/CD security reviews, and contribute to runbooks and playbooks
- Perform all other duties as assigned
What we are looking for:
- 5+ years in information security or security operations
- Hands-on SIEM experience with query writing, detection building, and alert tuning
- Strong working knowledge of cloud security concepts and services (AWS preferred; GCP and Azure also considered)
- Proficiency working with logs across endpoint, cloud, network, identity, and application sources
- Understanding of CI/CD pipelines and IaC (Terraform, CloudFormation) from a security perspective
- Solid grasp of Windows, macOS, and Linux internals — processes, persistence mechanisms, and attacker TTPs
- Demonstrated IR experience, including leading or contributing to investigations
- Familiarity with data normalization, log parsing, and ETL concepts
- Strong written and verbal communication skills
Preferred:
- Experience with log routing, transformation, and enrichment
- Hands-on experience with an enterprise EDR/XDR platform and its ecosystem tooling — SOAR, exposure management, and identity protection
- Experience with network security tools and interpreting proxy or web traffic logs Background in a regulated industry (financial services, healthcare) with familiarity with NIST CSF, GLBA, or FFIEC
- Scripting or automation experience (Python, Bash) for detection engineering, workflow automation, and version-controlled code in GitHub
- Relevant certifications: CISSP, GCIH, GCIA, GCED, CEH, GDSA, or equivalent
Nice to Have:
- Detection as Code experience using version-controlled detection content
- Exposure to identity security tooling
What we offer:
- Competitive compensation based on experience, geographic location, and role
- Medical, Dental, Vision, Life, 401k Matching, and other wellness benefits, including FSA, HSA and HRA
- Paid parental leave
- Flexible vacation policy, including PTO and paid holidays
- A fun and challenging team environment in a dynamic industry with ample opportunities for career growth
Lead Bank is proud to have an inclusive culture committed to ensuring equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Our compensation reflects the cost of labor across several US geographic markets. Pay is based on a number of factors and may vary depending on geographical market location, job-related knowledge, skills, and experience. These ranges may be modified in the future.
Zone 1: $142,875 - $170,910 (SF/Bay Area, NYC, Seattle)
#LI-AG1
Senior Security Analyst
Lead Bank is looking for a Senior Security Analyst to join our Security Operations team. You'll be a core contributor to our detection and response capabilities — building detections, triaging alerts, responding to incidents, and proactively hunting threats across cloud infrastructure, security tooling, and data pipelines. You'll mentor junior analysts and partner with leadership to drive our security posture forward. Your expertise will be vital in navigating the complex regulatory landscape of the banking industry and defending against advanced persistent threats.
In this role you will:
- Build, tune, and maintain detection rules and alerts in our SIEM, writing queries to identify threats and coverage gaps aligned to MITRE ATT&CK
- Own incident response execution end-to-end — containment, eradication, recovery, and lessons learned — including forensic log analysis and post-incident reporting
- Monitor and investigate security events across endpoints, cloud (AWS), identity, and network telemetry — identifying misconfigurations, anomalous activity, and suspicious behavior
- Assist with security audits and regulatory examinations, ensuring timely and accurate security documentation and evidence is provided
- Analyze systems, applications, and networks for security configurations in partnership with security engineers.
- Manage log pipelines including ingestion, parsing, normalization, and enrichment to ensure high-fidelity data is available for detection and investigation
- Triage and prioritize vulnerability findings using risk-based frameworks and track remediation SLAs with IT and Engineering
- Collaborate with Engineering on IaC and CI/CD security reviews, and contribute to runbooks and playbooks
- Perform all other duties as assigned
What we are looking for:
- 5+ years in information security or security operations
- Hands-on SIEM experience with query writing, detection building, and alert tuning
- Strong working knowledge of cloud security concepts and services (AWS preferred; GCP and Azure also considered)
- Proficiency working with logs across endpoint, cloud, network, identity, and application sources
- Understanding of CI/CD pipelines and IaC (Terraform, CloudFormation) from a security perspective
- Solid grasp of Windows, macOS, and Linux internals — processes, persistence mechanisms, and attacker TTPs
- Demonstrated IR experience, including leading or contributing to investigations
- Familiarity with data normalization, log parsing, and ETL concepts
- Strong written and verbal communication skills
Preferred:
- Experience with log routing, transformation, and enrichment
- Hands-on experience with an enterprise EDR/XDR platform and its ecosystem tooling — SOAR, exposure management, and identity protection
- Experience with network security tools and interpreting proxy or web traffic logs Background in a regulated industry (financial services, healthcare) with familiarity with NIST CSF, GLBA, or FFIEC
- Scripting or automation experience (Python, Bash) for detection engineering, workflow automation, and version-controlled code in GitHub
- Relevant certifications: CISSP, GCIH, GCIA, GCED, CEH, GDSA, or equivalent
Nice to Have:
- Detection as Code experience using version-controlled detection content
- Exposure to identity security tooling
What we offer:
- Competitive compensation based on experience, geographic location, and role
- Medical, Dental, Vision, Life, 401k Matching, and other wellness benefits, including FSA, HSA and HRA
- Paid parental leave
- Flexible vacation policy, including PTO and paid holidays
- A fun and challenging team environment in a dynamic industry with ample opportunities for career growth
Lead Bank is proud to have an inclusive culture committed to ensuring equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Our compensation reflects the cost of labor across several US geographic markets. Pay is based on a number of factors and may vary depending on geographical market location, job-related knowledge, skills, and experience. These ranges may be modified in the future.
Zone 1: $142,875 - $170,910 (SF/Bay Area, NYC, Seattle)
#LI-AG1
