← all jobs

Remote Cyber Analyst jobs – Full‑Time Security Analyst (SIEM & Incident Response) – Kokomo, Indiana – $120k‑$150k – Senior‑Level Opportunity

Work from home Full-time role Hiring

TITLE: Remote Cyber Analyst jobs – Full‑Time Security Analyst (SIEM & Incident Response) – Kokomo, Indiana – $120k‑$150k – Senior‑Level Opportunity --- Why we’re hiring now Our Security Operations Center (SOC) in Kokomo, Indiana has just completed a major migration to a hybrid‑cloud environment. That shift doubled the volume of log data we ingest, and our detection‑to‑response time slipped from 20 minutes to 30 minutes on average. The leadership team set a hard goal: cut the mean time to acknowledge (MTTA) back to under 20 minutes within the next six months while keeping our false‑positive rate below 3 %. To hit those numbers we need an experienced cyber analyst who can own the end‑to‑end incident workflow, mentor junior staff, and champion automation across our toolchain. Our story, in a nutshell Since 2017, the company behind the software you use daily (think SaaS collaboration, remote work tools, and a handful of B2B platforms) has been expanding its product suite from a single‑tenant offering to a multi‑tenant, container‑orchestrated architecture. Security grew from a three‑person team in the basement of our Kokomo, Indiana office to an eight‑analyst, 24‑hour SOC that now covers three continents. We’ve survived two ransomware attempts, a supply‑chain compromise, and an ongoing wave of credential‑stuffing attacks. Each incident taught us a lesson that we turned into a new playbook, a dashboard, or a Python automation script. The team you’ll join - Size: 8 full‑time security analysts (including 2 senior investigators) + 3 threat‑intel researchers - Coverage: 24 × 7, with a 30‑minute SLA for initial alert acknowledgment and a 2‑hour SLA for first‑time containment - Metrics: In the last fiscal year we lowered the average incident resolution time by 15 % and improved detection coverage to 96 % of high‑risk events - Culture: We run daily “stand‑up huddles” at 9 am Kokomo time, weekly “post‑mortem debriefs,” and a monthly “pizza‑and‑learn” where anyone can present a new technique > “I still remember the night we caught the ransomware drip‑feed because our analyst built a custom Splunk query in a coffee‑break. It saved the company a week of downtime and taught me the power of curiosity.” – Jordan, Senior Security Engineer, Kokomo, Indiana What a day looks like (remote, but anchored to Kokomo, Indiana) 1. Morning triage (9:00‑10:30 Kokomo time) – Review the SIEM dashboard (Splunk + Azure Sentinel), prioritize alerts based on risk scoring, and assign the top three to the incident response queue. 2. Investigation sprint (10:30‑12:30) – Pull packet captures from Wireshark, run YARA rules against the Elastic Stack, and if needed fire off a Metasploit exploit in a sandbox to confirm the payload. 3. Lunch break (12:30‑13:15) – We encourage stepping away from the screen, and our “virtual coffee club” syncs people across time zones. 4. Response & remediation (13:15‑15:45) – Use Palo Alto Cortex XSOAR playbooks to isolate compromised hosts, push a PowerShell script to rotate secrets, and document every step in ServiceNow. 5. Automation & tune‑up (15:45‑17:00) – Build or refine Python automations, tweak the Tenable vulnerability scanner policies, and update the detection library in the internal knowledge base. 6. Wrap‑up (17:00‑17:30) – Update the shift handoff log, flag any open tickets for the night‑shift analyst, and post a quick “what‑we‑learned” note on the team Slack channel. The schedule flexes for different time zones, but the rhythm stays the same: triage, deep‑dive, contain, automate, share. Core responsibilities - Alert triage & enrichment – Consume feeds from Splunk, Azure Sentinel, Elastic, and proprietary log parsers; enrich with threat‑intel from MISP and open‑source feeds. - Incident investigation – Perform forensic analysis on Windows, Linux, and container environments; extract artifacts with Volatility, examine network flows in Wireshark, and reconstruct attack timelines. - Containment & eradication – Execute playbooks in Palo Alto Cortex XSOAR, write custom scripts in Python/PowerShell, and coordinate with engineers to patch vulnerabilities identified by Tenable or Nessus. - Root‑cause analysis – Publish post‑mortems that include quantitative impact (e.g., “saved $250k in downtime”), lessons learned, and actionable recommendations. - Automation development – Build reusable detection queries, develop automated enrichment pipelines, and contribute code to our internal GitHub repos (Python, Bash, YAML). - Metrics & reporting – Track MTTA, MTTR, false‑positive rates, and produce weekly KPI dashboards for leadership in Tableau. - Mentorship – Guide junior analysts on log analysis, teach best practices for OSINT, and lead the quarterly “SOC Skills Lab.” Tools you’ll be using (8‑12 core) 1. Splunk Enterprise (search, dashboards, alerts) 2. Azure Sentinel (cloud SIEM) 3. Elastic Stack (ELK) for log aggregation 4. Palo Alto

More open positions

Physical Security Enablement Analyst

Work from home Full-time role

[Remote] Threat Intelligence Analyst - Remote

Work from home Full-time role

Cyber Analyst, Google Threat Intelligence Group, Mandiant

Work from home Full-time role

[Remote] Threat Intelligence Analyst, Finanical Networks

Work from home Full-time role

[Hiring] Cyber Intelligence Analyst @M9 Solutions

Work from home Full-time role

Business Process Manager

Work from home Full-time role

Cost Manager / Quantity Surveyor - Data Center Construction (Heavy Civil)

Work from home Full-time role

Remote Part-Time Data Entry Specialist – Accurate Data Management, Reporting & Collaboration at careerzynith

Work from home Full-time role

[Remote] Credit Products Specialist II - Franchise Finance

Work from home Full-time role

Remote Data Entry Specialist – Precision Data Management, Quality Assurance & Process Optimization at careerzynith

Work from home Full-time role

Director, Regulatory Affairs Strategy

Work from home Full-time role

Dell Boomi Integration Engineer

Work from home Full-time role

[Remote] Call Center Customer Service Advisor

Work from home Full-time role

Respiratory Therapist, PRN

Work from home Full-time role

Remote Accounts Receivable Coordinator - Cash Receipts

Work from home Full-time role

Senior MuleSoft Integrations Developer (Full time or Part time)

Work from home Full-time role

Senior Account Manager - Remote

Work from home Full-time role

Senior VIP Customer Success Associate

Work from home Full-time role

Centralized Scheduler (Remote/No Degree/Experience Required/Entry Level)

Work from home Full-time role

CDI Second Level Reviewer

Work from home Full-time role

[Remote] Customer Service Representative (Dental & Vision Benefits) Remote in Nebraska

Work from home Full-time role