Note: The job is a remote job and is open to candidates in USA. Staritas is a company focused on enhancing security in various domains, and they are seeking a Security Analyst III to lead their security operations and compliance programs. This role involves managing security monitoring, incident response, and ensuring adherence to SOC 2 standards.
Responsibilities
- Lead security monitoring and response operations leveraging SIEM and integrated security platforms; tune alerts, develop use cases, and drive continuous improvement in detection capabilities
- Own SIEM platform management, including onboarding new log sources, correlation rule development, and integration with endpoint, cloud, and network security tools
- Develop, implement, and enforce security policies, standards, and procedures aligned with SOC 2 and industry best practices
- Lead incident response activities, including investigation, containment, root cause analysis, and documentation; coordinate with internal and external stakeholders as required
- Manage vulnerability management program, including scanning, prioritization, remediation tracking, and reporting to leadership
- Own and administer the security awareness program, including KnowBe4 rollout, phishing simulations, reporting, and targeted training campaigns
- Serve as primary owner for SOC 2 compliance activities, including control documentation, evidence collection, audit coordination, and continuous control monitoring
- Develop and maintain security documentation, including policies, procedures, runbooks, and audit artifacts
- Partner with IT Operations to implement and enforce secure configurations, access controls, and endpoint protection strategies
- Lead evaluation, selection, and implementation of new security technologies, including cost analysis and operational integration planning
- Manage third-party security services and vendors (e.g., MDR/eSOC providers) and ensure contractual and operational expectations are met
- Oversee BYOD and endpoint security programs, including MDM enforcement and secure access policies
- Support client and regulatory security inquiries, including RFP responses and due diligence requests
- Stay current with evolving threat landscape, compliance requirements, and security best practices
- Other duties, as assigned
Skills
- 7–10+ years of experience in cybersecurity, IT security operations, or related fields
- Demonstrated experience with SIEM platforms (e.g., Microsoft Sentinel, SUMO, or equivalent) including design, tuning, and operational ownership
- Proven experience developing and enforcing security policies and governance frameworks (SOC 2 required)
- Experience leading or supporting SOC 2 audits, including control ownership and evidence management a plus
- Hands-on experience with security awareness platforms such as KnowBe4, including program rollout and management
- Experience with incident response, vulnerability management, and endpoint security tooling
- Experience working with managed security providers (MDR/eSOC)
- Strong project management and cross-functional collaboration skills
- Bachelor's degree in Info Tech, Cybersecurity, Computer Science, or related field is preferred but not required
- Microsoft 365 security ecosystem preferred
- CISSP, CISM, or similar advanced security certification
- Microsoft Security certifications (e.g., SC-200, SC-300)
- SOC 2 / compliance-related training or certifications
Benefits
- Performance bonus program
- Fully remote work environment
- Comprehensive benefits package including 401k match
- 19 days of PTO per year; 10 holidays per year
- Opportunity to work in a mission-driven organization where your work directly shapes clarity, confidence, and better outcomes across healthcare
- Up to 10% travel, based on business needs
- Medical, dental, and vision coverage
- Retirement savings plans with company contributions
- Paid time off and company holidays
- Paid parental and family leave
- Access to employee assistance and wellness resources
- Life and disability insurance
- Professional development opportunities
- Flexible work arrangements
Company Overview