Security Operations Analyst

Onebrief is collaboration and AI-powered workflow software designed specifically for military staffs. By transforming this work, Onebrief makes the staff as a whole superhuman - meaning faster, smarter, and more efficient.

We take ownership, seek excellence, and play to win with the seriousness and camaraderie of an Olympic team. Onebrief operates as an all-remote company, though many of our employees work alongside our customers at military commands around the world.

Founded in 2019 by a group of experienced planners, today, Onebrief’s team spans veterans from all forces and global organizations, and technologists from leading-edge software companies. We’ve raised $123m+ from top-tier investors, including Battery Ventures, General Catalyst, Insight Partners, and Human Capital, and today, Onebrief is valued at $1.1B. With this continued growth, Onebrief is able to make an impact where it matters most.

You will quickly put your expertise with cloud-based SIEM applications to work, ensuring Onebrief remains compliant with CMMC 2.0 and other NIST requirements for security auditing, logging, and monitoring. Beyond configuring dashboards and alerts, you will collaborate with our Compliance Specialists and Cybersecurity Engineer to ensure all logging and monitoring evidence is thoroughly documented in our GRC platform. You will also analyze, investigate, escalate, and respond to relevant log events to maintain a strong security posture.

The ideal candidate will bring hands-on experience with cloud-based SIEM/SOAR platforms and a proven track record of applying Risk Management Frameworks such as NIST or ISO to guide security operations.

• Splunk SIEM Administration – Configure, fine-tune, and maintain data ingestion pipelines, correlation searches, and dashboards to proactively detect and respond to security threats.

• Security Event Monitoring – Conduct continuous monitoring and triage of alerts, escalating incidents as needed and collaborating across teams to ensure timely resolution.

• Incident Investigation – Lead in-depth investigations of suspicious activity, compile detailed documentation of findings, and recommend effective mitigation measures.

• Vulnerability Management – Manage and operate vulnerability assessment tools (e.g., Tenable), interpret scan results, and partner with IT teams to prioritize and implement remediation efforts.

• Must be a U.S. citizen and able to pass a background check

• Minimum of 5 years of experience in Cybersecurity, Security Analysis, or a related field

• Proficiency with Splunk Cloud

• Possession of one or more relevant certifications, such as: CySA+, CBROPS, CFR, FITSP-O, GCIA, GDSA, GICSP, or GCFA

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related discipline

  • OR an additional 4 years of relevant professional experience in lieu of a degree

• You are obsessed with creating value for real users

• You are ambitious, scrappy, and a creative problem-solver

• You learn quickly, work iteratively, and naturally seek collaboration

• You approach your work with integrity, intellectual honesty, and a low ego

• You communicate frankly, clearly, and succinctly

• You thrive as a self-starter, embracing autonomy and ambiguity

Compensation Range: $190K - $210K