Threat Analyst jobs in United States

ThreatLocker · 2 hours ago

Threat Analyst

ThreatLocker® is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools. The Threat Analyst is responsible for identifying, investigating, and responding to cyber threats, vulnerabilities, and security incidents across the organization’s systems and networks, focusing on proactive monitoring and quick response to security events.

Cyber Security, Information Technology, Network Security
H1B Sponsor Likely

Responsibilities

Monitor security tools and systems (SIEM, IDS/IPS, EDR, etc.) for suspicious activity or breaches
Analyze security alerts and data to identify potential threats, vulnerabilities, and compromises
Build and refine detection capabilities using security tools, threat intelligence, and machine learning models
Lead and participate in the response to security incidents (investigating, containing, eradicating, and recovering from threats)
Collaborate with cross-functional teams to develop incident handling processes and ensure timely remediation
Create detailed post-incident reports, including root cause analysis and recommendations for improvements
Develop automated tools and scripts to enhance security detection capabilities and streamline threat detection workflows
Maintain and enhance detection tools, including writing custom SNORT, SIGMA, and YARA rules, and updating rulesets in accordance with new threats
Conduct forensic analysis and threat hunting to identify malicious activity
Review logs from various systems (e.g., firewalls, servers, network devices) to uncover unauthorized activities
Research and stay current on emerging threats, vulnerabilities, and cyber-attack techniques
Contribute to the enhancement of security monitoring tools, processes, and playbooks
Develop automated scripts and tools to improve detection and response efficiency
Work closely with DevOps, Network, and Security Engineering teams to ensure secure architectures and systems
Leverage internal and external threat intelligence sources to stay informed about the latest security trends and threats
Share insights with internal stakeholders to ensure proactive measures are in place
Ensure security processes and procedures align with regulatory requirements and industry best practices (e.g., NIST, CIS, ISO 27001)
Assist in the preparation of audit reports and security assessments

Qualifications

Threat detection, Incident response, Security monitoring, PowerShell, Python, SIEM, Networking principles, Cybersecurity technologies, Active Directory, Virtual machines, Relevant certifications, Soft skills

Required

3 years of experience in Information Technology with 1 year of specialized work in any of the following IT domains: Active Directory, Application Development, Network Administration, Information Security
Education in Information Technology or a comparable degree can offset 2 years of required experience for high-achieving individuals
Experience with virtual machines on VirtualBox, Workstation Pro (Type 2 hypervisor)
Bare-metal (Type 1) hypervisor experience (ESXi, Hyper-V)
Foundational knowledge of Active Directory infrastructure
Proficient in PowerShell and Python
Strong understanding of foundational Windows OS components: Windows Firewall, Windows Event Logs, Windows file structure, PowerShell
Strong understanding of networking and security principles: RFC 1918, DNS, well-known ports, TCP/IP, CIA triad and its relevance to Information Security, AAA Framework
Familiar with MITRE ATT&CK framework
Cybersecurity technologies and their applications: SIEM, IDS/IPS, NGFW, SOAR, EDR
Excellent analytical and problem-solving skills
Ability to communicate effectively
Self-starting mentality
Critical thinking
Ability to work in a high-pressure environment
Ability to collaborate and work effectively in a team setting
Strong time management skills with an ability to meet time-sensitive deadlines
Confidence in conveying professional opinions about product functionality and roadmap
Relevant certifications: Network+, Security+, CySA+, GSEC, GCIA

Company

ThreatLocker

ThreatLocker is a cybersecurity company that specializes in endpoint security and application whitelisting solutions.

H1B Sponsorship

ThreatLocker has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships: 2025 (2), 2022 (2)

Funding

Current Stage: Late Stage
Total Funding: $299.44M
Key Investors: General Atlantic, Elephant, Arthur Ventures
2025-04-10 · Series E · $60M
2024-04-24 · Series D · $115M
2022-04-19 · Series C · $100M

Leadership Team

Danny Jenkins, CEO
Sami Jenkins, Co-Founder and COO
Company data provided by crunchbase