Experian

Cyber Defense Senior Analyst (Remote)

Posted Yesterday
Remote
Hiring Remotely in United States
Senior level
Perform 24x7 security monitoring, triage, analysis, and incident response using SIEM/EDR tooling. Manage cases through containment, eradication, recovery, documentation, and lessons learned. Improve playbooks, support use-case development, and escalate high-risk incidents to IR teams. Participate in shift handoffs and occasional paid overtime.
The summary above was generated by AI
Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create digital marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them to save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agrifinance, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data and to innovate. A FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 23,300 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.

Job Description

This role operates in a 10x4 Wednesday - Saturday weekly schedule as part of a 24x7 global monitoring function.

The frontline team provides global 24x7 security operations and monitoring for cybersecurity events impacting Experian, and is a division of Experian's Cyber Fusion Center (CFC), which is organized under the Experian Global Security Office (EGSO).

As a Cyber Defense Senior Analyst, you will perform in-depth analysis, triage, and response to security threats by following documented policies, processes, and playbooks to meet Service Level Objectives (SLOs).

This role is critical in ensuring the handling of potential threats and plays a part in improving security operations.

You will report to the Director of Cyber Defense Security Operations.

You'll have the opportunity to:

  • Execute daily security operations by monitoring, triaging, and conducting response activities for security events and alerts associated with cyber threats, intrusions, and compromises.
  • Analyze events using security tooling and logging, such as SIEM and EDR, and assess the potential risk/severity level of cyber threats. Escalate higher-risk events to dedicated incident response and management teams in the CFC, according to established processes.
  • Collaborate with external teams for incident resolution and escalations, driving incident handling.
  • Notify team Lead(s) of concerns related to operations, such as anomalous changes in metrics, notable open incidents, quality concerns, or observed risks; support with resolution if appropriate.
  • Manage and complete assigned caseload throughout the incident response lifecycle, including analysis, containment, eradication, recovery, and lessons learned; maintain standards of quality to resolve events.
  • Maintain all case documentation, including notes, analysis findings, containment steps, and cause for each assigned security incident.
  • Perform incident updates or make contact with end-users promptly and document them, and complete case hand-off processes, such as completing/verifying shift logs.
  • Apply subject matter expertise in security operations processes to help improve relevant playbooks, Standard Operating Procedures (SOPs), and training materials.
  • Assist the team Leads and management on use case development by suggesting enhancements or tuning of use cases to improve the security posture of Experian.
  • Participate in paid overtime when operational needs may require additional support.

Qualifications

  • 3+ years of information security experience working within a Security Operations Center or Cyber Security Incident Response Team.
  • Bachelor's Degree in Computer Science, Computer Engineering, Information Systems, Information Security, or a related field. 6+ years of experience working within a Security Operations Center, Incident Response Team, law enforcement, and/or military experience may be accepted in lieu of this requirement.
  • Demonstrated working knowledge of the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks.
  • Demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), as well as common industry practices to investigate and respond to threats, including phishing, malware, network attacks, suspicious activity, and data security incidents.
  • Demonstrated proficiency in determining appropriate methods to contain, eradicate, and recover from a variety of security incidents. Provide recommendations to prevent incidents from recurring.
  • Possesses an understanding of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies, NetFlow, etc.), Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls, etc.).
  • Ability to review and interpret device and application logs from a variety of sources (e.g., Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures, etc.) to identify root cause and determine next steps for containment, eradication, and recovery.
  • Experience with common Incident Response and Security Monitoring applications such as SIEM (e.g., QRadar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender, etc.); experience with Security Orchestration, Automation, and Response (SOAR) technologies such as Palo Alto XSOAR and Google SecOps (Chronicle) is a plus.
  • Continuously build advanced cybersecurity expertise across cloud security (Azure/AWS), incident response, threat detection, system and network forensics, SIEM/monitoring tools, vulnerability management, malware analysis, and scripting/automation.
  • One or more professional, currently-held certifications related to Digital Forensics, Incident Response, or Ethical Hacking highly preferred (e.g., GCIH, GMON, GCED, GSOC, CEH, GCFE, GCFA, CFCE, ENCE).
  • Bonus: Information security management certifications (CISSP, CISM) or vendor-specific certifications.

Additional Information

Benefits/Perks:

  • Great compensation package and bonus plan.
  • Core benefits including medical, dental, vision, and matching 401K.
  • Flexible work environment, ability to work remotely, hybrid or in-office.
  • Flexible time off including volunteer time off, vacation, sick and 12 paid holidays.
  • Explore all our exciting benefits here: https://yourexperianbenefits.com/cand-index.html.

At Experian, our people and culture set us apart. We're committed to creating an environment where everyone feels they belong and can excel. From inclusion and authenticity to work/life balance, development, wellness, collaboration, and recognition, we focus on what matters. Our people-first approach has earned us global recognition: World's Best Workplaces™ 2024 (Fortune Top 25), Great Place To Work™ 2025 in 26 countries, and Glassdoor Best Places to Work 2024, among others.

Want to see what life at Experian is really like? Explore Experian Life on social or visit our careers site.

Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay range for this position is listed above. Within this range, individual pay is determined by work location and additional factors such as job-related skills, experience, and education. You will also be eligible for a variable pay opportunity.

Experian is proud to be an Equal Opportunity Employer for all groups protected under applicable federal, state and local law, including protected veterans and individuals with disabilities. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

 

This is a remote position.
