Cybersecurity Analyst

Graco manufactures and markets premium equipment to move, measure, control, dispense and spray a wide variety of fluid and powder materials. What does that mean? Well, we pump peanut butter into your jar, and the oil in your car. We glue the soles of your shoes, the glass in your windows and the screen on your phone. We spray the finish on your vehicle, coatings on your pills, the paint on your house and texture on your walls. Graco is part of your daily life.This role is currently based at our Minneapolis office and will transition to our new headquarters in Dayton, MN, in 2027.The Security Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats across enterprise environments. This role will operate at the intersection of security operations, incident response, automation, and security data analytics, leveraging modern SIEM, SOAR, XDR, and MDR platforms.The analyst will work closely with SOC, cloud, IAM, and engineering teams to improve detection fidelity, accelerate response, and reduce operational risk through automation and AI‑assisted security operations.What You Will Do At GracoSecurity Operations & Incident ResponseMonitor and triage security alerts from SIEM, XDR, EDR, and MDR platformsPerform incident investigation, containment, eradication, and recoveryConduct root cause analysis and document incidents, lessons learned, and response improvementsSupport 24x7 SOC operations (on‑call or rotational as required)Security Analytics & Detection EngineeringDevelop, tune, and maintain SIEM detection rules, analytics, and dashboardsPerform security data analysis across logs, telemetry, and threat intelligence sourcesCorrelate data across endpoints, identities, networks, cloud workloads, and applicationsImprove signal‑to‑noise ratio and reduce false positivesSOAR, Automation & AI‑Driven SecurityDesign, implement, and optimize SOAR playbooks for alert triage and responseSupport SOC automation initiatives to reduce manual effort and MTTRLeverage AI‑powered security assistants (e.g., Microsoft Copilot for Security or other GenAI tools) to:Accelerate investigationsSummarize incidentsEnhance analyst productivityContribute to adoption of AI‑driven SIEM/XDR capabilities (added plus)Forensics & Threat InvestigationPerform endpoint, identity, email, and cloud forensicsAnalyze malware, phishing, and account compromise scenariosPartner with Threat Intelligence teams to track adversary techniques (MITRE ATT&CK)Collaboration & Continuous ImprovementWork with IAM, Cloud Security, Network, and Application Security teamsSupport continuous improvement of SOC processes, runbooks, and metricsParticipate in purple team exercises, tabletop simulations, and post‑incident reviewsWhat You Will Bring To GracoBachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)3+ years of experience in Security Operations / SOC / Incident ResponseHands‑on experience with:SIEM platforms (log ingestion, correlation, alerting)SOAR platforms (playbooks, automation)Incident Response & Digital ForensicsStrong hands‑on experience with Microsoft Defender ecosystem:Defender for EndpointDefender for Office 365Defender for IdentityDefender for Cloud AppsDefender for CloudExperience with Microsoft Sentinel (analytics rules, KQL, workbooks, automation)Experience with one or more Managed Detection & Response (MDR) / XDR platforms, such as:CrowdStrikeRapid7Arctic Wolfor similar enterprise MDR/XDR solutionsSolid understanding of:Identity & Access Management (IAM)Cloud SecurityEndpoint & Email SecurityThreat Detection & ResponseAccelerators Experience with AI‑driven security operations, including:Copilot for SecurityGenAI‑powered SOC toolsAI‑assisted investigation and responseExperience with cloud platforms:AWS, OCI, Azure, or GCPFamiliarity with XDR‑native SIEM platformsScripting or automation experience:Python, PowerShell, KQL, REST APIsExperience with MITRE ATT&CK, NIST CSF, or similar frameworksRelevant certifications:SC‑200, SC‑100GCED / GCIH / GCIAAZ‑500, AWS Security SpecialtyCrowdStrike, Rapid7, or Sentinel certificationsApplicants must be legally authorized to work in the United States. This role is not eligible for immigration sponsorship now or in the future (e.g., H-1B, TN, F-1 OPT).At Graco, you truly make a difference. Your unique talents contribute to our organizational growth and future. Not only do you make a difference, but Graco’s culture empowers employees to create their own career path. Whether you choose to advance within your current department or explore new opportunities in different divisions, you have the ability to build your future. Our managers are here to provide support and guidance as you continue to grow within your career.Graco has excellent opportunities available to individuals who want to be part of a fast-moving, growing company that is committed to quality, innovation and solving fluid handling problems for our customers. Graco is proud to be named a Best Place to Work by Fortune Magazine in 2016, 2018, 2019, 2021 & 2022. Graco offers attractive compensation, benefits and career development opportunities. Graco’s comprehensive benefits include medical, dental, stock purchase plan, 401(k), tuition reimbursement and more.Our company uses E-Verify to confirm the employment and eligibility of all newly hired employees. To learn more about E-Verify, including your rights and responsibilities, please visit www.dhs.gov/E-Verify.The base pay range for this position is listed below, exclusive of fringe benefits or other compensation. If you are hired, your final base hourly rate will be determined based on factors such as geographic location, skills, competencies, education, and/or experience. In addition to those factors, we will also consider internal equity of our current employees. Please keep in mind that the range provided is the full base salary range for the role. Hiring at or near the maximum of the range would not be typical to allow for future and continued salary growth.$64,600.00 - $113,100.00