Senior Security Analyst

Join to apply for the Senior Security Analyst role at Veteran Benefits Guide

Veteran Benefits Guide (VBG) was founded by a former United States Marine with the goal of ensuring that Veterans receive accurate disability benefits in a timely manner. Since its founding, VBG has guided more than 45,000 Veterans through the complicated Veterans Affairs (VA) disability claims process. As a company founded by a Veteran and staffed by many Veterans and families of Veterans, VBG is committed to advocating for policies that protect the rights and interests of former service members.

The Senior Cyber Security Analyst is responsible for leading technical security monitoring, detection, and incident response investigations to protect the organization’s systems and data. This role performs deep analysis of security alerts, logs, and forensic artifacts, coordinates containment and remediation activities, and continuously improves detection and response capabilities across the environment.

This position is open to candidates located in the following states:
Arizona (AZ), California (CA), Washington (WA), Nevada (NV), Utah (UT), Illinois (IL), Ohio (OH), New Jersey (NJ), Virginia (VA), North Carolina (NC), and Florida (FL).

• Lead security incident response investigations, including detection, triage, containment, eradication, recovery, and post‑incident analysis.
• Perform deep technical investigations across endpoints, networks, identity systems, and cloud environments to determine root cause, scope, and impact.
• Continuously monitor security alerts and telemetry, validating and escalating threats using SIEM, EDR, and other detection tools.
• Develop and maintain incident documentation, including timelines, evidence, lessons learned, and executive‑level incident reports.
• Coordinate incident response activities with IT, infrastructure, product, legal, and compliance teams to ensure timely and effective remediation.
• Analyze security events and threat intelligence to identify attack patterns, trends, and control gaps, driving improvements to detection and response capabilities.
• Support and enhance incident response playbooks, procedures, and escalation workflows, ensuring repeatable and effective response.
• Conduct proactive threat hunting and log analysis to identify suspicious activity and emerging threats.
  
  Maintain and tune security monitoring and detection tools, including SIEM, intrusion detection/prevention systems, endpoint protection, and antivirus platforms.
• Partner with engineering and IT teams to remediate vulnerabilities and control weaknesses identified through incidents, assessments, and scans.
• Participate in security assessments, vulnerability scanning, and penetration testing, prioritizing findings based on risk and real‑world exploitability.
• Support regulatory and compliance requirements (e.g., HIPAA, GDPR, ISO 27001) by providing incident evidence, investigation summaries, and audit support.
• Stay current on emerging threats, attacker techniques, and vulnerabilities through threat intelligence sources and industry research.
• Communicate investigation findings, risk implications, and remediation recommendations clearly to technical and non‑technical stakeholders.

• CompTIA & GIAC certifications, such as Security+, CySA+, GCIH, GCED, GCIA, or GCFA, are preferred.
• Hands‑on experience with security incident detection, triage, and investigation, including root cause and impact analysis.
• Proficiency with SIEM, EDR, IDS/IPS, and endpoint security tools used in incident response operations.
• Experience analyzing logs, alerts, and forensic artifacts across endpoints, networks, and cloud environments.
• Strong understanding of cyber threats, attacker techniques, and defensive security principles.
• Strong working knowledge of risk management frameworks (NIST, ISO, and CIS) and regulatory requirements for HIPAA compliance.
• Strong analytical, documentation, and communication skills, with the ability to clearly convey findings and recommendations.

• 6+ years of experience in a security operations or incident response role within an enterprise environment.
• Bachelor’s…