Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century’s most innovative companies to the defense industry, Anduril is changing how military systems are designed, built and sold. Anduril’s family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a realtime, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years.

Anduril's Detection and Response team is looking for a Security Operations Analyst to be the watchtower for Anduril's critical defense technologies. As a SecOps analyst on the detection and response team, you'll be responsible for monitoring and responding to adversarial activity while helping incorporate key detection feedback loops with the detection engineering team. When not responding to threats, you'll be asking questions of our data sets, conducting threat hunting and data normalization operations across the organization to understand user behavior and identify anomalies.

WHAT YOU'LL DO

• Triage and respond to alerts / incidents covering multiple disciplines including, but not limited to, phishing, endpoints, AWS infrastructure and services, and SaaS applications.
• Build and optimize tailored detection signatures, response playbooks, and response automation using detection-as-code principles.
• As the frontline of DNR, you will lead the feedback loop for detections, ensuring alerts are fine-tuned to reduce false positives.
• Participate in threat modeling scenarios with cross-functional partners to understand weaknesses across Cloud, Mobile, Endpoints, and other environments incorporating findings into security controls and/or detection signatures.
• Organize and conduct threat hunting and data baselines to identify anomalous patterns in data.
• Participate in an on-call rotation responding to security events and conducting incident response investigations while effectively communicating findings to key stakeholders.

REQUIRED QUALIFICATIONS

• Experience in security monitoring, log analysis, and detection engineering within large data sets across endpoint, network, and a wide variety of application log sources.
• Experience in Python is a must for operating in our automated SOC framework.
• Must have experience with one or more SIEM languages (SPL, KQL, SQL).
• Broad range of practical security knowledge across the spectrum of endpoint, network, identity, application, and cloud infrastructure.
• Knowledge of attacker tactics, techniques, and procedures (TTPs) across Windows, Linux, MacOS, AWS/Azure, etc.
• Strong communication skills and experience collaborating with internal and external stakeholders.
• Must be able to obtain and hold a U.S. Top Secret security clearance.

PREFERRED QUALIFICATIONS

• Experience conducting incident response in the Cloud (AWS, Azure, GCP).
• Digital Forensics and/or reverse engineering experience is a plus!

US Salary Range: $98,000 - $147,000 USD

The salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are included in the majority of full time offers; and are considered part of Anduril's total compensation package.

Anduril is an equal-opportunity employer committed to creating a diverse and inclusive workplace. The Anduril team is made up of incredibly talented and unique individuals, who together are disrupting industry norms by creating new paths towards the future of defense technology. All qualified applicants will be treated with respect and receive equal consideration for employment without regard to race, color, creed, religion, sex, gender identity, sexual orientation, national origin, disability, uniform service, Veteran status, age, or any other protected characteristic per federal, state, or local law, including those with a criminal history, in a manner consistent with the requirements of applicable state and local laws, including the CA Fair Chance Initiative for Hiring Ordinance. We actively encourage members of recognized minorities, women, Veterans, and those with disabilities to apply, and we work to create a welcoming and supportive environment for all applicants throughout the interview process.