Cyber Defense Senior Analyst

Remote from
USA
Annual salary
Undisclosed
Salary information is not provided for this position. Check our Salary Directory to estimate the average compensation for similar roles.
Department
Cybersecurity
Employment type
Full Time,
Job posted
Apply before
17 Aug 2026
Experience level
Senior
Views / Applies
41 / 3

About Experian

Experian unlocks the power of data to create opportunities for consumers, businesses and society.

Actively Hiring
Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

This role is for a Cyber Defense Senior Analyst at Experian, part of a global 24x7 security operations team. The analyst will monitor, triage, and respond to security threats using tools like SIEM and EDR, following documented procedures to meet service level objectives. The position requires deep knowledge of incident response lifecycle, MITRE ATT&CK, and Cyber Kill Chain, with 3+ years of SOC experience. The schedule is Wednesday to Saturday, 10-hour shifts. The role involves collaboration with external teams and contributing to process improvements.

Role DNA

Job Complexity
Easy Hard
Pace & Pressure
Relaxed Fast-paced
Autonomy Level
Guided Full Ownership
Communication Load
Independent Highly Collaborative
AI Insight This senior analyst role requires technical expertise and experience in cybersecurity frameworks, but follows established procedures and does not involve executive-level decision making, so difficulty is high but not extreme.

Salary Analysis

Median Market Rate
$95,000
US Market
$75k – 130k
0 $143k
AI Insight No salary was specified in the job listing, but based on market data for similar roles, the median salary for a Cyber Defense Senior Analyst is approximately $95,000 USD. This is competitive for the required experience and responsibilities.

Dear Hiring Manager,

I am writing to express my strong interest in the Cyber Defense Senior Analyst position at Experian. With over 5 years of experience in security operations and incident response, I have developed a deep understanding of the MITRE ATT&CK framework and the Cyber Kill Chain. I am skilled in using SIEM and EDR tools to detect and respond to threats efficiently.

In my previous role, I successfully triaged and escalated hundreds of security incidents, reducing mean time to respond by 20%. I thrive in collaborative environments and am accustomed to 24/7 shift schedules. I am excited about the opportunity to contribute to Experian's global security posture.

Thank you for considering my application. I look forward to discussing how my skills align with your team's needs.

Sincerely, [Your Name]

Can you explain your experience with SIEM tools? Provide an example of a complex query you've built.
I have extensive experience with Splunk and Azure Sentinel. For example, I created a correlation rule to detect lateral movement by correlating failed logins across multiple systems within a short time window, which helped identify an ongoing attack.
How do you prioritize alerts in a high-volume SOC environment?
I prioritize based on risk severity, using the MITRE ATT&CK framework to map techniques to critical assets. I also consider the potential impact and whether the alert indicates active compromise or reconnaissance.
Describe a time you handled a security incident from detection to closure.
I once detected a ransomware outbreak via EDR alerts. I immediately isolated affected hosts, gathered forensic data, and escalated to the incident response team. I then documented the entire process, including containment steps and lessons learned.
How do you stay updated with the latest cyber threats?
I follow threat intelligence feeds like CISA, attend webinars, and participate in CTF competitions. I also review reports from vendors and share insights with my team during shift handovers.
What steps would you take if you noticed a false positive trend affecting your team's efficiency?
I would analyze the SIEM rule triggering the false positives, document the findings, and suggest tuning the rule or adding exclusions. I would also collaborate with the use case development team to improve detection logic.

Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create digital marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them to save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agrifinance, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data and to innovate. A FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 23,300 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.

Job Description

This role operates in a 10×4 Wednesday – Saturday weekly schedule as part of a 24×7 global monitoring function.

The frontline team provides global 24×7 security operations and monitoring for cybersecurity events impacting Experian, and is a division of Experian’s Cyber Fusion Center (CFC), which is organized under the Experian Global Security Office (EGSO).

As a Cyber Defense Senior Analyst, you will perform in-depth analysis, triage, and response to security threats by following documented policies, processes, and playbooks to meet Service Level Objectives (SLOs).

This role is critical in ensuring the handling of potential threats and plays a part in improving security operations.

You will report to the Director of Cyber Defense Security Operations.

You’ll have the opportunity to:

  • Perform daily security operations by monitoring, triaging, and conducting response activities for security events and alerts associated with cyber threats, intrusions, and compromises.
  • Analyze events using security tooling and logging, such as SIEM, EDR, and assess the potential risk/severity level of cyber threats. Escalate higher-risk events to dedicated incident response and management teams in the CFC, according to established processes.
  • Collaborate with external teams for incident resolution and escalations, driving incident handling.
  • Notify team Lead(s) of concerns related to operations, such as anomalous changes in metrics, notable open incidents, quality concerns, or observed risks; support with resolution if appropriate.
  • Manage and complete assigned caseload throughout the incident response lifecycle, including analysis, containment, eradication, recovery, and lessons learned; maintain standards of quality to resolve events.
  • Maintain all case documentation, including notes, analysis findings, containment steps, and cause for each assigned security incident.
  • Perform incident updates or make contact with end-users promptly and document them, and complete case hand-off processes, such as completing/verifying shift logs.
  • Apply subject matter expertise in security operations processes to help improve relevant playbooks, Standard Operating Procedures (SOPs), and training materials.
  • Assist the team Leads and management on use case development by suggesting enhancements or tuning of use cases to improve the security posture of Experian.
  • Participate in paid overtime when operational needs may require additional support.

Qualifications

  • 3+ years of information security experience working within a Security Operations Center or Cyber Security Incident Response Team.
  • Bachelor’s Degree in Computer Science, Computer Engineering, Information Systems, Information Security, or a related field. 6+ years of experience working within a Security Operations Center, Incident Response Team, law enforcement, and/or military experience may be accepted in lieu of this requirement.
  • Demonstrate working knowledge of the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks.
  • Demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), as well as common industry practices to investigate and respond to threats, including phishing, malware, network attacks, suspicious activity, and data security incidents.
  • Demonstrated proficiency in determining appropriate methods to contain, eradicate, and recover from a variety of security incidents. Provide recommendations to prevent incidents from recurring.
  • Possesses an understanding of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies, NetFlow, etc.), Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls, etc.)
  • Ability to review and interpret device and application logs from a variety of sources (e.g., Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures, etc.) to identify root cause and determine next steps for containment, eradication, and recovery.
  • Experience with common Incident Response and Security Monitoring applications such as SIEM (e.g., Qradar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender, etc.); experience with Security Orchestration, Automation, and Response (SOAR) technologies such as Palo Alto XSOAR and Google Secops (Chronicle) are a plus.
  • Continuously build advanced cybersecurity expertise across cloud security (Azure/AWS), incident response, threat detection, system and network forensics, SIEM/monitoring tools, vulnerability management, malware analysis, and scripting/automation.
  • One or more professional, currently-held certifications related to Digital Forensics, Incident Response, or Ethical Hacking highly preferred (e.g., GCIH, GMON, GCED, GSOC, CEH, GCFE, GCFA, CFCE, ENCE).
  • Bonus: Information security management certifications (CISSP, CISM) or vendor-specific certifications.

Additional Information

Benefits/Perks:

  • Great compensation package and bonus plan.
  • Core benefits including medical, dental, vision, and matching 401K.
  • Flexible work environment, ability to work remote, hybrid or in-office.
  • Flexible time off including volunteer time off, vacation, sick and 12-paid holidays.
  • Explore all our exciting benefits here: https://yourexperianbenefits.com/cand-index.html.

At Experian, our people and culture set us apart. We’re committed to creating an environment where everyone feels they belong and can excel. From inclusion and authenticity to work/life balance, development, wellness, collaboration, and recognition, we focus on what matters. Our people-first approach has earned us global recognition: World’s Best Workplaces™ 2024 (Fortune Top 25), Great Place To Work™ 2025 in 26 countries, and Glassdoor Best Places to Work 2024, among others.

Want to see what life at Experian is really like? Explore Experian Life on social or visit our careers site.

Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay range for this position is listed above. Within this range, individual pay is determined by work location and additional factors such as job-related skills, experience, and education. You will be also eligible for a variable pay opportunity.

Experian is proud to be an Equal Opportunity Employer for all groups protected under applicable federal, state and local law, including protected veterans and individuals with disabilities. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

 

#LI-Remote

This is a remote position.

Recruitment Fraud Awareness – Experian’s recruitment process is conducted only through authorised channels. Recruitment communications will only be sent from an @experian.com email address.

Experian will never ask candidates to make any payment as part of an application, interview, assessment, onboarding, or recruitment process. To apply for roles or verify opportunities, please visit experian.com/careers.

Apply now >

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

How to apply

Did you apply? Let us know, and we’ll help you track your application.

See a few more

Similar Cybersecurity remote jobs

Jobs Talent Salaries
Menu