Cyber Defense Senior Analyst

Remote from: USA
Annual salary: Undisclosed
Department: Cybersecurity
Employment type: Full Time
Apply before: 16 Jul 2026
Experience level: Senior

About Experian

Experian unlocks the power of data to create opportunities for consumers, businesses and society.

Actively Hiring
Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

Experian is seeking a Cyber Defense Senior Analyst to join its global 24x7 security operations team within the Cyber Fusion Center. The role involves monitoring, triaging, and responding to security events using tools like SIEM and EDR, with responsibilities including incident response lifecycle management and collaboration with external teams. Candidates need 3+ years of SOC experience and knowledge of frameworks like MITRE ATT&CK. This position offers an opportunity to enhance security operations and contribute to improving playbooks and use cases. The role reports to the Director of Cyber Defense Security Operations and operates on a Wednesday-Saturday schedule.

Role DNA

AI Insight: The role requires 3+ years of experience in a SOC or incident response, deep knowledge of cybersecurity frameworks, and the ability to perform in-depth analysis and response, which indicates a high level of difficulty.

Salary Analysis

Median (US market): $115,000
US market range: $90k – 140k

AI Insight: The offered salary is not specified, but based on market data for a Cyber Defense Senior Analyst in the US, the median is estimated at $115,000. This is competitive for a senior level role in cybersecurity, though actual compensation may vary based on location and experience.

Key Skills

SIEM, EDR, Incident Response, MITRE ATT&CK, Cyber Kill Chain, Security Operations, Threat Analysis, Vulnerability Management, Forensics, Scripting

Dear Hiring Manager,

I am excited to apply for the Cyber Defense Senior Analyst position at Experian. With over 4 years of experience in security operations and incident response, I possess a strong understanding of the MITRE ATT&CK framework and Cyber Kill Chain. My background includes managing complex security incidents and collaborating with cross-functional teams to enhance security posture.

In my previous role at [Previous Company], I successfully reduced response times by 30% through improved playbook automation. I am adept at using SIEM and EDR tools to triage and escalate threats effectively.

I am eager to bring my expertise to Experian's global security team and contribute to protecting critical data assets. Thank you for considering my application.

Sincerely, [Your Name]

Describe your experience with the incident response lifecycle. How do you approach containment and eradication?
I follow the NIST incident response framework: preparation, detection and analysis, containment, eradication, and recovery. For containment, I prioritize isolation of affected systems to prevent lateral movement. Eradication involves removing malicious artifacts and patching vulnerabilities. I document every step to ensure lessons learned are captured.

How do you stay updated on the latest cyber threats and attack techniques?
I regularly follow threat intelligence feeds like AlienVault OTX, attend webinars, and participate in cybersecurity communities. I also practice through platforms like Hack The Box and review CISA alerts to understand emerging threats.

Can you explain a time you had to escalate an incident to a higher-level team? What was the outcome?
In a previous role, I detected anomalous outbound traffic suggesting data exfiltration. I escalated to the incident response team, who confirmed a compromised endpoint. We contained the breach and mitigated further damage. My timely escalation prevented data loss.

What SIEM tools have you used, and how do you tune use cases to reduce false positives?
I have experience with Splunk and ArcSight. To reduce false positives, I analyze historical alerts, adjust correlation rules based on baseline behavior, and collaborate with threat hunters to validate rule effectiveness. Regular tuning sessions are essential.

How do you handle high-pressure situations during a major security incident?
I stay calm and follow established playbooks. Clear communication with stakeholders is critical. I prioritize containment to minimize impact and delegate tasks to team members. After resolution, we conduct a post-mortem to improve processes.

Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create digital marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them to save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agrifinance, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data and to innovate. A FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 23,300 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.

Job Description

This role operates in a 10×4 Wednesday – Saturday weekly schedule as part of a 24×7 global monitoring function.

The frontline team provides global 24×7 security operations and monitoring for cybersecurity events impacting Experian, and is a division of Experian’s Cyber Fusion Center (CFC), which is organized under the Experian Global Security Office (EGSO).

As a Cyber Defense Senior Analyst, you will perform in-depth analysis, triage, and response to security threats by following documented policies, processes, and playbooks to meet Service Level Objectives (SLOs).

This role is critical in ensuring the handling of potential threats and plays a part in improving security operations.

You will report to the Director of Cyber Defense Security Operations.

You’ll have the opportunity to:

  • Execute daily security operations by monitoring, triaging, and conducting response activities for security events and alerts associated with cyber threats, intrusions, and compromises.
  • Analyze events using security tooling and logging, such as SIEM, EDR, and assess the potential risk/severity level of cyber threats. Escalate higher-risk events to dedicated incident response and management teams in the CFC, according to established processes.
  • Collaborate with external teams for incident resolution and escalations, driving incident handling.
  • Notify team Lead(s) of concerns related to operations, such as anomalous changes in metrics, notable open incidents, quality concerns, or observed risks; support with resolution if appropriate.
  • Manage and complete assigned caseload throughout the incident response lifecycle, including analysis, containment, eradication, recovery, and lessons learned; maintain standards of quality to resolve events.
  • Maintain all case documentation, including notes, analysis findings, containment steps, and cause for each assigned security incident.
  • Perform incident updates or make contact with end-users promptly and document them, and complete case hand-off processes, such as completing/verifying shift logs.
  • Apply subject matter expertise in security operations processes to help improve relevant playbooks, Standard Operating Procedures (SOPs), and training materials.
  • Assist the team Leads and management on use case development by suggesting enhancements or tuning of use cases to improve the security posture of Experian.
  • Participate in paid overtime when operational needs may require additional support.

Qualifications

  • 3+ years of information security experience working within a Security Operations Center or Cyber Security Incident Response Team.
  • Bachelor’s Degree in Computer Science, Computer Engineering, Information Systems, Information Security, or a related field. 6+ years of experience working within a Security Operations Center, Incident Response Team, law enforcement, and/or military experience may be accepted in lieu of this requirement.
  • Demonstrated working knowledge of the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks.
  • Demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), as well as common industry practices to investigate and respond to threats, including phishing, malware, network attacks, suspicious activity, and data security incidents.
  • Demonstrated proficiency in determining appropriate methods to contain, eradicate, and recover from a variety of security incidents. Provide recommendations to prevent incidents from recurring.
  • Possesses an understanding of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies, NetFlow, etc.), Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls, etc.)
  • Ability to review and interpret device and application logs from a variety of sources (e.g., Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures, etc.) to identify root cause and determine next steps for containment, eradication, and recovery.
  • Experience with common Incident Response and Security Monitoring applications such as SIEM (e.g., QRadar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender, etc.); experience with Security Orchestration, Automation, and Response (SOAR) technologies such as Palo Alto XSOAR and Google SecOps (Chronicle) is a plus.
  • Continuously build advanced cybersecurity expertise across cloud security (Azure/AWS), incident response, threat detection, system and network forensics, SIEM/monitoring tools, vulnerability management, malware analysis, and scripting/automation.
  • One or more professional, currently-held certifications related to Digital Forensics, Incident Response, or Ethical Hacking highly preferred (e.g., GCIH, GMON, GCED, GSOC, CEH, GCFE, GCFA, CFCE, ENCE).
  • Bonus: Information security management certifications (CISSP, CISM) or vendor-specific certifications.

Additional Information

Benefits/Perks:

  • Great compensation package and bonus plan.
  • Core benefits including medical, dental, vision, and matching 401K.
  • Flexible work environment, ability to work remote, hybrid or in-office.
  • Flexible time off including volunteer time off, vacation, sick and 12 paid holidays.
  • Explore all our exciting benefits here: https://yourexperianbenefits.com/cand-index.html.

At Experian, our people and culture set us apart. We’re committed to creating an environment where everyone feels they belong and can excel. From inclusion and authenticity to work/life balance, development, wellness, collaboration, and recognition, we focus on what matters. Our people-first approach has earned us global recognition: World’s Best Workplaces™ 2024 (Fortune Top 25), Great Place To Work™ 2025 in 26 countries, and Glassdoor Best Places to Work 2024, among others.

Want to see what life at Experian is really like? Explore Experian Life on social or visit our careers site.

Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay range for this position is listed above. Within this range, individual pay is determined by work location and additional factors such as job-related skills, experience, and education. You will also be eligible for a variable pay opportunity.

Experian is proud to be an Equal Opportunity Employer for all groups protected under applicable federal, state and local law, including protected veterans and individuals with disabilities. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

This is a remote position.

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.
