{"schemaVersion":"jobsearcher.job.v1","id":"4f844b2bb65dcbb8eda4e1e5","url":"https://jobsearcher.com/jobs/4f844b2bb65dcbb8eda4e1e5","canonicalUrl":"https://jobsearcher.com/jobs/4f844b2bb65dcbb8eda4e1e5","title":"Security Analyst","description":"SailPoint’s Cybersecurity organization is seeking a Security Analyst with a passion for cybersecurity and protecting the organization.The role independently handles moderately complex events and events of interest, contributes to proactive threat monitoring, and participates in purple teaming and threat intelligence activities. This role involves refining playbooks and conducting threat hunting. Applicants should embrace the opportunity to work across diverse platforms with a variety of tools and will play a key role as we continually improve our capabilities.The ideal candidate will embody SailPoint's 4 I’s of Integrity, Individuals, Impact, and Innovation. They will embrace new challenges and contribute positively to our established team of talented and dedicated teammates to achieve our security objectives.This role reports directly to the Americas SOC Manager, can be remote anywhere in Mexico, and will be working amid-day shift with hours from 1:00 PM - 10:00 PM CDT.ResponsibilitiesIndependently triage and investigate security events and events of interest, determining root causes and mitigating potential incidents.\nUpdate and maintain response playbooks for events of interest and potential incidents, incorporating threat intelligence insights.\nConduct basic threat hunting using SIEM queries and EDR tools to identify potential threats.\nParticipate in purple team exercises, collaborating with blue and red teams to test and improve detection capabilities.\nCollect and analyze threat intelligence from internal and external sources (e.g., IOCs, TTPs) to enhance detection rules.\nPerform risk enumeration to identify vulnerabilities and misconfigurations, using scanning tools and threat intelligence.\nAssist in training Junior Engineers on tools, processes, and basic purple teaming concepts.\nDocument findings and contribute to reports on events, events of interest, and threat intelligence.\nRequirementsBachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience).\n2–4 years of experience in cybersecurity, with at least 1 year in a detection/response role.\nProficiency in SIEM platforms, EDR tools, and basic scripting (e.g., Python, PowerShell) for automation.\nExperience with purple teaming exercises and applying threat intelligence to detection processes.\nStrong understanding of attack vectors, malware analysis, and network protocols.\nCertifications such as CySA+, CEH, or equivalent are required.\nAbility to work independently and collaborate with cross-functional teams.\nAbility to quickly pick up and learn new technologies.\nAble to collaborate with cross-functional teams.\nA willingness to be challenged and a strong desire to learn.\nGood personal communications skills.\nA foundational understanding of applications, networks, cloud architecture, and coding concepts.\n30-Day Milestones (The \"Learning\" Phase)Rapidly achieve proficiency across the security stack (SOAR, SIEM, EDR).\nIndependently perform basic triage of security events by following established documentation.\nUnderstand the team's processes and align investigation techniques with our standards.\n60-Day Milestones (The \"Connecting\" Phase)Triage all event types completely and autonomously without oversight.\nOperate as a fully functional and integrated member of the SOC team.\nDemonstrate a solid understanding of what \"normal\" looks like in our environment.\n90-Day Milestones (The \"Contribution\" Phase)Move beyond basic triage to actively contribute to process improvement initiatives.\nBegin identifying and proposing ideas for rule tuning, rule development, and automation.\n6-Month Milestones (The \"Performance\" Phase)Confidently triage events and elevate when necessary, with investigation quality meeting all team standards.\nActively participate in process improvement projects, working with other teams to implement changes.\nPerform assigned threat hunting using SIEM and EDR tools.\nActively participate in the QA process.\n1-Year Milestones (The \"Mastery\" Phase)Handle complex investigations with confidence.\nConsistently drive improvements in automation, detection, and response procedures.\nInitiate threat hunting based on available threat intelligence.\nSailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.\nAlternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact applicationassistance@sailpoint.com or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.#J-18808-Ljbffr","company":"Sailpoint","rawCompany":"sailpoint","city":"Austin","state":"TX","isRemote":false,"isActive":false,"createdAt":"2026-04-09T07:54:38.867Z","occupations":[{"code":"15-1212.00","title":"Information Security Analysts","slug":"information-security-analysts"},{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"13-1199.07","title":"Security Management Specialists","slug":"security-management-specialists"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541519","title":"Other Computer Related Services","slug":"other-computer-related-services"},{"code":"541690","title":"Other Scientific and Technical Consulting Services","slug":"other-scientific-and-technical-consulting-services"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Security Analyst","description":"SailPoint’s Cybersecurity organization is seeking a Security Analyst with a passion for cybersecurity and protecting the organization.The role independently handles moderately complex events and events of interest, contributes to proactive threat monitoring, and participates in purple teaming and threat intelligence activities. This role involves refining playbooks and conducting threat hunting. Applicants should embrace the opportunity to work across diverse platforms with a variety of tools and will play a key role as we continually improve our capabilities.The ideal candidate will embody SailPoint's 4 I’s of Integrity, Individuals, Impact, and Innovation. They will embrace new challenges and contribute positively to our established team of talented and dedicated teammates to achieve our security objectives.This role reports directly to the Americas SOC Manager, can be remote anywhere in Mexico, and will be working amid-day shift with hours from 1:00 PM - 10:00 PM CDT.ResponsibilitiesIndependently triage and investigate security events and events of interest, determining root causes and mitigating potential incidents.\nUpdate and maintain response playbooks for events of interest and potential incidents, incorporating threat intelligence insights.\nConduct basic threat hunting using SIEM queries and EDR tools to identify potential threats.\nParticipate in purple team exercises, collaborating with blue and red teams to test and improve detection capabilities.\nCollect and analyze threat intelligence from internal and external sources (e.g., IOCs, TTPs) to enhance detection rules.\nPerform risk enumeration to identify vulnerabilities and misconfigurations, using scanning tools and threat intelligence.\nAssist in training Junior Engineers on tools, processes, and basic purple teaming concepts.\nDocument findings and contribute to reports on events, events of interest, and threat intelligence.\nRequirementsBachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience).\n2–4 years of experience in cybersecurity, with at least 1 year in a detection/response role.\nProficiency in SIEM platforms, EDR tools, and basic scripting (e.g., Python, PowerShell) for automation.\nExperience with purple teaming exercises and applying threat intelligence to detection processes.\nStrong understanding of attack vectors, malware analysis, and network protocols.\nCertifications such as CySA+, CEH, or equivalent are required.\nAbility to work independently and collaborate with cross-functional teams.\nAbility to quickly pick up and learn new technologies.\nAble to collaborate with cross-functional teams.\nA willingness to be challenged and a strong desire to learn.\nGood personal communications skills.\nA foundational understanding of applications, networks, cloud architecture, and coding concepts.\n30-Day Milestones (The \"Learning\" Phase)Rapidly achieve proficiency across the security stack (SOAR, SIEM, EDR).\nIndependently perform basic triage of security events by following established documentation.\nUnderstand the team's processes and align investigation techniques with our standards.\n60-Day Milestones (The \"Connecting\" Phase)Triage all event types completely and autonomously without oversight.\nOperate as a fully functional and integrated member of the SOC team.\nDemonstrate a solid understanding of what \"normal\" looks like in our environment.\n90-Day Milestones (The \"Contribution\" Phase)Move beyond basic triage to actively contribute to process improvement initiatives.\nBegin identifying and proposing ideas for rule tuning, rule development, and automation.\n6-Month Milestones (The \"Performance\" Phase)Confidently triage events and elevate when necessary, with investigation quality meeting all team standards.\nActively participate in process improvement projects, working with other teams to implement changes.\nPerform assigned threat hunting using SIEM and EDR tools.\nActively participate in the QA process.\n1-Year Milestones (The \"Mastery\" Phase)Handle complex investigations with confidence.\nConsistently drive improvements in automation, detection, and response procedures.\nInitiate threat hunting based on available threat intelligence.\nSailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.\nAlternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact applicationassistance@sailpoint.com or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.#J-18808-Ljbffr","datePosted":"2026-04-09T07:54:38.867Z","dateModified":"2026-04-09T07:54:38.867Z","hiringOrganization":{"@type":"Organization","name":"Sailpoint","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Austin","addressRegion":"TX","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"4f844b2bb65dcbb8eda4e1e5"},"url":"https://jobsearcher.com/jobs/4f844b2bb65dcbb8eda4e1e5"}}