Senior Cybersecurity Analyst

If you are ready to join a company that truly cares about its employees, our members, and our community then you have come to the right place!

The Senior Cybersecurity Analyst serves as a senior technical authority within the Cyber Assurance function, responsible for the design, optimization, and execution of enterprise-scale detection, response, and threat mitigation capabilities. This role leads advanced analysis of alerts generated by detective, preventive, and corrective security controls and plays a critical role in protecting organizational assets, member data, and missioncritical systems.

This position operates as a key contributor to Security Incident Response, providing deep expertise in threat actor tactics, techniques, and procedures (TTPs), detection engineering, and response orchestration. The Senior Analyst is accountable not only for response execution, but also for improving detection, reducing risk exposure, and influencing control strategy across the enterprise.

The role requires a strong understanding of business processes, data flows, regulatory obligations, and insider risk, enabling balanced and defensible response decisions for complex DLP, insider threat, and advanced cyber events. The Senior Analyst routinely serves as an escalation point, mentor, and technical lead, supporting less senior analysts and influencing security architecture decisions.

Advanced Detection & Incident Response

• Lead the triage, investigation, and response to complex security events identified by SIEM, XDR, DLP, UEBA, CSPM, IT tools and other enterprise security platforms.

• Serve as technical lead during high-severity incidents, coordinating containment, eradication, and recovery activities across Security, IT, Legal, Privacy, and business stakeholders. Reporting status to VP, SVP and CRSO as needed.

• Execute and refine incident response playbooks aligned to regulatory, legal, and organizational requirements. Has knowledge of systems and the risks and impact of risk while investigating incidents.

Detection Engineering & Control Optimization

• Design, tune, and continuously improve detection logic, correlation rules, and alerting thresholds to maximize signal fidelity and minimize false positives/negatives.

• Identify systemic gaps in security coverage and recommend control enhancements or architectural changes to mitigate emerging threats.

• Champion the use of automation and AI to improve and refine risk coverage while maintaining highly quality detection and response actions and reduce noise and alert fatigue.

• Partner with security engineering and IT teams to implement and validate improvements to security tooling and telemetry sources.

Threat Intelligence & Proactive Defense

• Conduct threat hunting operations using hypothesis-driven techniques aligned to current threat intelligence and adversary behavior.

• Maintain expert-level knowledge of threat actor TTPs, mapping activity to frameworks such as MITRE ATT&CK to inform detection and response strategies.

• Translate threat intelligence into actionable detection and prevention improvements.

Governance, Metrics & Documentation

• Develop and maintain comprehensive documentation for detection logic, triage procedures, incident handling, and response workflows.

• Development and maintenance of incident playbooks for all common data security threats faced by a financial institution. This includes scheduling self tests of playbooks and recommending new playbooks or changes based on emerging threats.

• Produce executive-ready metrics and reporting demonstrating control effectiveness, incident trends, and risk reduction outcomes.

• Ensure appropriate confidentiality, evidentiary handling, and audit readiness when managing sensitive security incidents.

Automation, Enablement & Leadership

• Identify and implement automation opportunities (SOAR, scripting, workflow optimization) to improve response speed and consistency.

• Act as a technical mentor and escalation resource for other analysts, contributing to skill development and operational maturity.

• Influence security strategy through subject-matter expertise, risk-based recommendations, and participation in cross-functional initiatives.

• Participate in on-call rotation for incident response and critical security events.

• Bachelor's degree in Computer Science, Engineering, Cybersecurity, or related field, or equivalent professional experience.

• Ten (10)+ years of progressive experience in Information Security, with demonstrated focus on detection engineering, incident response, or security operations.

Certifications (Preferred / Required)

• CISSP, GCIA, GCED, GCIH, or equivalent advanced security certification preferred.

• Ability to obtain and maintain required certifications within 2 years if not already held.

• Twelve (12)+ years of overall experience in enterprise IT environments, including networking, endpoint, server, and cloud platforms.

• Proven experience serving as Incident Response Lead or Senior Analyst for complex, high-impact security events.

• Hands-on expertise with SIEM, XDR, DLP, UEBA, CSPM, EDR, and cloud security platforms.

• Strong understanding of data protection, insider risk, and regulatory-driven security response.

Compensation:$106,194 $169,910, plus a competitive benefits package

Bilingual individuals who are fluent in a second language in addition to English are highly encouraged to apply.

We are an equal opportunity employer. We do not discriminate on the basis of race, creed, color, national origin, religion, sex, age, veteran status, disability, genetic information, gender identity, or any other protected class.

Broadview FCU is committed to ensuring individuals with disabilities and/or those whohave special needs participate in the workforce and are afforded equal opportunity to apply and compete for jobs. If you would like to contact us regarding the accessibility of our Website or need assistance completing the application process, please contact us at talentacquisition@broadviewfcu.com