Role Description The Security Analyst II is a trusted member of the security operations team, responsible for protecting information assets and advancing the organization’s security posture. This role demands a high degree of ownership, accountability, and effective communication. The Security Analyst II operates and monitors security tools, serves as the primary escalation point for security events, and participates in an on-call rotation. The position involves data protection, vulnerability management, asset governance, and compliance activities, collaborating across teams to ensure operational excellence and audit readiness. Success in this role requires initiative, reliability, adaptability, and a commitment to continuous improvement and security awareness. - Keep Christ central in individual and corporate life. - Actively participate in and contribute to the spiritual disciplines of the organization. - Operate, monitor, and maintain security tools and platforms. - Act as the primary escalation contact for security events. - Monitor security alerts, investigate findings, and support triage and escalation processes. - Deliver security awareness training and phishing simulations for end users. - Perform troubleshooting for security tools impacting end users. - Support data protection activities, including data discovery and compliance documentation. - Maintain governance and compliance records for data protection and AI governance initiatives. - Track vulnerability remediation status and coordinate with IT and engineering teams. - Assist with third-party risk management (TPRM) activities and audit preparation. - Maintain and improve asset management documentation and lifecycle records. - Participate in tabletop exercises, security training, and process improvement initiatives. - Collaborate with peers and stakeholders to ensure consistent coverage of monitoring and operational duties. - Proactively identify opportunities to enhance operational workflows and security posture. - Demonstrate accountability for assigned responsibilities and communicate progress to relevant stakeholders. - Perform other duties as assigned to support the evolving needs of the security program. - Maintain awareness of corporate goals, objectives, organizational announcements, and activities. Qualifications - Bachelor's degree in Information Systems, Information Security, Computer Science, or related field. - 3 – 5 years of relevant technical work experience in security operations, incident response, or a related role. - Strong knowledge and experience with administration of multiple applications in an enterprise environment. Requirements - Familiarity with security tools and platforms (e.g., EDR, SIEM, CSPM/SSPM, web filtering). - Understanding of data protection, vulnerability management, and compliance frameworks. - Strong analytical, troubleshooting, and documentation skills. - Excellent communication and collaboration abilities. - Demonstrated ownership and accountability in previous roles. - Commitment to continuous learning and professional development. Benefits - Estimated hiring range: $81,300 – $112,590. - The posted hiring salary range reflects pay for U.S. locations and is determined using market data and internal compensation guidelines. - Actual compensation may vary depending on the candidate’s geographic location, job-related experience, and applicable laws.

• Maintain situational awareness, collect, and analyze information to ensure the safety and security of our clients’ people, buildings, and operations • Detect and assess threats and incidents, and determine their impact on our clients • Using open-source intelligence (OSINT) sources and internal databases to conduct social media, deep and dark web monitoring, and produce tactical intelligence • Write and distribute notifications and daily and weekly products • Triage incidents and threats quickly and effectively • Conduct ad-hoc client briefings on unfolding events • Conduct research and maintain Global Intelligence Team core products, including city security briefs, event risk assessments, and Sibylline’s ASTRA platform • Collect and maintain data sets as directed by the Lead Data, Insights, and Capability analyst • Display creative thinking and consulting skills to deliver a continually improving service for our clients • Facilitate the dissemination of information to mobilise the necessary resources to ensure that regional staff can mitigate immediate risks and incidents • Support our clients directly by providing short-term "Surge" capacity as required • Perform any additional duties as required by the Head of Global Analysis • Engage and collaborate with other Sibylline teams globally to remain up to date with best practices, resources, and industry standards

• Monitor security logs and alerts from various sources, including intrusion detection systems, Endpoint Detection and Response (EDR) systems, and security information and event management (SIEM) tools. • Investigate and analyze security incidents, identify root cause, and develop appropriate mitigation strategies. • Execute security response actions, including full remote remediation of endpoints. • Perform threat hunting and proactive analysis to identify potential security risks and vulnerabilities. • Collaborate with cross-functional teams, including product, engineering, and support, to resolve customer incidents or issues. • Mentor and provide guidance to junior security analysts, sharing knowledge and best practices. • Conduct health checks and architecture reviews, providing technical expertise and real-life experience in creating solutions, designs, and recommendations. • Be a strong voice for your customers across business to identify new detection models, identify new product features, build content for both internal and external customer knowledge bases, and ensure successful Vectra deployments. • Travel expected 0-5%

• Triage and investigate security alerts across endpoints, identity systems, cloud environments, and production workloads. • Support response efforts for a range of security investigations, including account compromise, endpoint activity, and suspicious behavior in cloud, CI/CD, or production systems. • Collect and analyze relevant data (e.g., logs, system activity) to help scope incidents, identify impacted systems, and track activity across environments. • Escalate higher-risk or unclear activity, and support senior team members in ongoing investigations. • Execute containment or remediation actions as directed, and document findings clearly throughout the investigation lifecycle. • Support vulnerability and posture management efforts by validating findings and helping track remediation activities.