Cyber Security Analyst I

About Us At Finance of America, we help homeowners unlock the joy that comes from realizing the full potential of their retirement. Many people have significant wealth tied up in their homes and want to use it meaningfully in their next chapter. Our unique range of reverse mortgages allow homeowners 55+ to access that wealth while maintaining control over their home and financial future. With options tailored to their unique goals, we provide the financial flexibility they need to move forward with confidence. Finance of America is guided by five values: We are customer obsessed, they are why we exist. We raise the bar. We take extreme ownership. We practice genuine collaboration. And we unleash our excellence. Together we are actualizing our vision to be the most beloved brand for homeowners in their next chapter. To learn more about us, visit www.financeofamerica.com Purpose of Role Responsible for the monitoring and triage of security alerts, performing initial investigation, documentation, and escalation following Security Operations Center procedures. Provides frontline defense, ensuring timely identification of threats across Finance of America’s systems and network. Key Responsibilities and Expectations • Monitors security alerts and events across Azure/M365, CrowdStrike Falcon, Elastic/Kibana, and other enterprise security platforms. • Performs initial triage, classification, and escalation of security events based on established runbooks and Service Level Agreements (SLA). • Analyzes phishing emails, Endpoint Detection and Response (EDR) alerts, and other security tools data as necessary to respond to security events. • Utilizes organizational Security Information and Event Management, EDR, and Cloud platforms to perform routine threat hunts to identify and protect Finance of America systems, networks, and users. • Documents all investigative steps clearly and consistently within JIRA, including timelines, findings, and recommendations. • Maintains awareness of current threats, attack techniques, and organizational security policies. • Provides timely communication to senior analysts regarding suspicious activity, potential incidents, and operational risks. • Follows SOC procedures for incident response, containment actions, and enhanced monitoring tasks. • Participates in shift turnover briefings, contributes to daily operational reporting, and ensures accurate case hand-off. • Supports continuous improvement of SOC workflows by identifying false positives, noise reduction opportunities, and detection logic gaps. • Protects sensitive information and maintains strict confidentiality in all SOC work. • Performs other duties as assigned. Reports To • Director, Security Operations Qualifications - Experience/Skills/Competencies • Knowledge of security event triage, threat indicators, and common attack techniques (MITRE ATT&CK familiarity preferred). • Foundational understanding of networking, operating systems, and security principles. • Exposure to or strong interest in: Azure/M365 Security (Entra ID sign-ins, Defender alerts, Audit Logs, Conditional Access), CrowdStrike Falcon (detections, host overview, process trees, investigations), Elastic / Kibana (search queries, dashboards, lenses, detection alerts), JIRA (ticket management, documentation, workflow transitions). • Ability to read and interpret logs from endpoints, cloud systems, email security tools, and authentication platforms. • Basic understanding of Windows and Linux system behaviors, processes, and common administrative commands. • Familiarity with phishing indicators, malware behaviors, user account anomalies, and suspicious network activity. • Ability to research new technologies, techniques, tactics, and incorporate that information into analytical processes. • Strong analytical thinking and problem-solving skills, including ability to follow playbooks accurately. • Ability to work in a fast-paced 24/7 SOC environment with shifting priorities and time-sensitive responses. • Clear written communication for documenting investigations and summarizing findings. • High attention to detail and disciplined adherence to procedures and evidence-handling standards. • Willingness to learn new tools, techniques, and detection methods, including shadowing senior analysts and participating in training. • Ability to work collaboratively with IT, security engineering, incident response, and management teams. • Ability to multitask, work on multiple events, and communicate with other team members virtually. • Ability to take initiative, work autonomously, and complete tickets as prioritized. Qualifications - Education - Required • Bachelor's Degree or comparable qualifications Qualifications - Education - Field(s)/Profession(s) • Cybersecurity, Information Technology, Computer Science, or related field. Compensation The base salary range for this position is inclusive of all geographical differences in the labor market. The base salary for the position will be determined based on factors such as the candidate’s work location, skills, education, and experience. In addition to those factors, we believe in the importance of pay equity and consider the internal equity of our current team members in determining any final offer. We offer a competitive benefits package including health, dental, vision, life insurance, paid time-off benefits, flexible spending account, 401(k) with employer match, and ESPP. Additional Information The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. Finance of America is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, sex (including pregnancy), sexual orientation, religion, creed, age, national origin, physical or mental disability, gender identity and/or expression, marital status, veteran status or other characteristics protected by law. Equal Opportunity Employer This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor. Apply tot his job