Senior Cyber Security Operations Analyst - CSOC - REMOTE at Vanguard
Malvern, Pennsylvania, USA
Full Time


Start Date

Immediate

Expiry Date

05 Dec, 25

Salary

180000.0

Posted On

06 Sep, 25

Experience

7 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Computer Science, Behavioral Analytics, Threat Intelligence, Machine Learning, Automation, Cissp, Cyber Security

Industry

Information Technology/IT

Description

Join Vanguard as a Lead Cyber Security Operations Analyst in our Cyber Security Operations Center (CSOC) and play a pivotal role in safeguarding our digital ecosystem. This remote position offers a unique opportunity to lead advanced threat detection and mitigation efforts across cloud environments, web applications, and network infrastructure. You will be at the forefront of defending against sophisticated cyber threats, leveraging your expertise in Cloud Security Architecture, Web Application Firewall (WAF) operations, DDoS mitigation, and traffic analysis. Your insights will drive proactive threat modeling and behavioral analytics, ensuring resilient and secure digital experiences for our clients and crew. This role is open to both internal and external candidates who are passionate about cyber defense and eager to make a meaningful impact in a dynamic and collaborative environment. This remote position can be based anywhere in the US, ideally within a reasonable distance from a Vanguard Business Center.

QUALIFICATIONS:

7+ years of experience in cyber security, cyber investigations, cyber threat intelligence, or a combination of these three roles.
Undergraduate degree in a technical discipline, Computer Science, or related field required. Graduate degree preferred.
CISSP, AWS Cloud Practitioner, AWS Certified Security - Specialty, or other cloud specific certifications preferred.
Automation and scripting for WAF operations.
Machine Learning and behavioral analytics for traffic anomalies.
Deep understanding of SIEM / SOAR technologies with hands-on experience creating correlation rules for complex investigative workflows.

Responsibilities
  • Demonstrates knowledge, skills, and ability to conduct formal incident investigations, lead advanced incident handling scenarios including internal and external data breaches, abnormal network and host activity, and assess risk derived from a platform or data-lake.
  • Mentor junior level analysts and assist when needed.
  • Provide support for escalated Incident Ticket resolution.
  • Designs and implements cyber security and operations procedures, tasks and reports. Identifies process gaps and recommends solutions to improve workflow and mitigate risk.
  • Serves as a security expert in application development, database design, network, and/or platform (operating system) efforts, helping security project teams comply with enterprise and IT security policies, industry regulations, and best practices.
  • Participates in special projects and performs other duties as assigned.
Top Skills:
  • Advanced WAF & Edge Security Expertise. Ability to configure, tune, and optimize WAF rulesets (signatures, rate-limiting, bot mitigation, account protection).
  • Web Application & Traffic Analysis Skills. Proficient in analyzing HTTP/S traffic patterns, including headers, cookies, session tokens, and payloads.
  • Cloud Security Architecture & Threat Modeling for web applications. Deep understanding of cloud security services, capabilities and defense in depth best practices.