Security Analyst (Remote in US)

We are looking for a skilled Security Analyst to join our Managed Security Services Provider (MSSP) team. This role is essential for protecting our clients by detecting, investigating, and responding to security threats, managing vulnerability scans, and delivering monthly phishing tests and reports. The ideal candidate will have hands-on experience with SentinelOne, Microsoft Defender, account takeover investigations, vulnerability management, and incident response, and will be comfortable working independently as well as collaborating with the broader team across shifts.This is a remote position and you may work from anywhere within the United States. The role follows a 2nd shift schedule, and we are ideally seeking someone who can work 3:00 PM – 11:00 PM Eastern Time (ET). Some weekend or holiday coverage may be required on a rotational basis.Key ResponsibilitiesMonitor client environments for security alerts and suspicious activity across endpoints, networks, and cloud services during second shift hours.Perform in-depth security investigations using EDR, SIEM, and supporting tools to detect and contain client threats.Investigate client account takeover (ATO) events, including credential theft, unauthorized logins, and privilege misuse, and coordinate remediation.Execute the full incident response lifecycle of detection, triage, containment, eradication, and recovery for client incidents.Manage client vulnerability management programs: schedule scans, review results, validate findings, deliver reports, and track remediation progress.Administer client phishing simulation campaigns monthly, analyze results, and provide actionable reporting and recommendations to improve human risk posture.Provide rapid response to critical alerts and incidents during on-call coverage periods.Develop, maintain, and follow incident response playbooks tailored to client environments (ATO, phishing, malware, ransomware, etc.).Document investigation findings, root cause analyses, and recommendations in client-facing reports and ticketing systems.Manage and monitor client email security tools such as Proofpoint and Microsoft Defender for M365, investigate alerts, and assist with email threat remediation.Support proactive threat hunting in client environments to identify indicators of compromise (IOCs) before they escalate.Assist with tuning detection rules and automation to improve visibility and reduce false positives.