Security Analyst - Tier 3
7AI is on a mission to put swarming AI agents in the hands of defenders to offload non-human work, shift people up, and finally focus on achieving the security outcomes that teams have been searching for. We are seeking curious, detail-oriented, technical experts who thrive on solving complex, high-stakes puzzles and are deeply customer-obsessed to continue our mission of building the world’s first Agentic Security Platform.
As a Tier 3 Security Analyst at 7AI, you will serve as the technical leader and point of escalation for junior analysts who are analyzing and triaging 7AI Agents’ investigations, identifying correct execution, and reducing risk for customers. You will retrospectively prove the maliciousness of threats that were stopped to help customers understand the gravity at which our service is working for them. You will help architect scalable processes to build high-functioning systems, while remaining resilient and vigilant in the face of adversarial threats. You will use your expertise of various data sources to perform investigations ad hoc, pulling data to support incident investigation as they are happening, and hunt for malicious activity in customer environments.
What You’ll Do:
Analyze and validate investigations completed by the AI Agents for accuracy and completeness, evaluating risk
Lead and mentor junior analysts and serve as the technical expert and key escalation point for investigations
Correlate data from various data sources including cloud, endpoint, identity, network, etc. to understand that full picture of a malicious activity
Investigate malicious activity that the 7AI Agents responded to and understand the complexity of the attack that was stopped including the risk that was prevented for customers
Use our advanced AI Agents to hunt in customer environments to detect and remediate emerging threats, ultimately contributing to detections that will be folded back into the product
Assist customers with ongoing threat monitoring, triage, and prioritization of security alerts as needed but especially during incidents to resolve threats and secure the environment
Proactively identify potential threats and anomalies in customer environments by reviewing logs and malicious findings
Utilize your supreme communication skills to engage with customers who vary in their level of technical depth and focus (from SOC analysts to CISOs)
Architect processes while we build out this elite organization to scale the operation sustainably while maintaining consistent quality
Collaborate with the Sales, Engineering, and Product teams, providing feedback on the customer experience and assist in optimizing and tuning the AI platform
Stay current with emerging cybersecurity trends, vulnerabilities, and new attack techniques, especially the field of AI-driven attacks
Required Qualifications:
5+ years of experience in cyber security operations
Hands-on experience with investigating alerts and across multiple sources (endpoint, network, identity, email, cloud, etc.)
Strong understanding of security monitoring tools (XDR, SIEM, IDS/IPS, IDP, etc.)
Familiarity with log \ telemetry concepts
Experience analyzing and investigating security alerts from multiple sources, including intrusion detection systems, network monitoring tools, and endpoint protection platforms
Strong knowledge of common attack techniques and frameworks (MITRE ATT&CK) and incident triage methodologies
Strong analytical and problem-solving skills, with the ability to verify AI-driven analysis and make independent security decisions
Data querying experience with SIEM querying technologies (SPL, KQL, FQL, SQL, etc) and familiarity with log / telemetry concepts
Strong knowledge with Malware Analysis methods
Great interpersonal skills with a service oriented mindset
Proven track record of successfully collaborating in a team, including mentorship skills and ability to teach complex concepts
Preferred qualifications:
Prior experience in a Managed Services environment
Incident Handling experience
Relevant certifications: Security+, GSEC, GCIH