Cybersecurity Analyst
Graco, Minneapolis, MN, United States
Security Analyst
The Security Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats across enterprise environments. This role will operate at the intersection of security operations, incident response, automation, and security data analytics, leveraging modern SIEM, SOAR, XDR, and MDR platforms. The analyst will work closely with SOC, cloud, IAM, and engineering teams to improve detection fidelity, accelerate response, and reduce operational risk through automation and AI-assisted security operations. Security Operations & Incident Response Monitor and triage security alerts from SIEM, XDR, EDR, and MDR platforms Perform incident investigation, containment, eradication, and recovery Conduct root cause analysis and document incidents, lessons learned, and response improvements Support 24x7 SOC operations (on-call or rotational as required) Security Analytics & Detection Engineering Develop, tune, and maintain SIEM detection rules, analytics, and dashboards Perform security data analysis across logs, telemetry, and threat intelligence sources Correlate data across endpoints, identities, networks, cloud workloads, and applications Improve signal-to-noise ratio and reduce false positives SOAR, Automation & AI-Driven Security Design, implement, and optimize SOAR playbooks for alert triage and response Support SOC automation initiatives to reduce manual effort and MTTR Leverage AI-powered security assistants (e.g., Microsoft Copilot for Security or other GenAI tools) to: Accelerate investigations Summarize incidents Enhance analyst productivity Contribute to adoption of AI-driven SIEM/XDR capabilities (added plus) Forensics & Threat Investigation Perform endpoint, identity, email, and cloud forensics Analyze malware, phishing, and account compromise scenarios Partner with Threat Intelligence teams to track adversary techniques (MITRE ATT&CK) Collaboration & Continuous Improvement Work with IAM, Cloud Security, Network, and Application Security teams Support continuous improvement of SOC processes, runbooks, and metrics Participate in purple team exercises, tabletop simulations, and post-incident reviews What You Will Bring to Graco 3+ years of experience in Security Operations / SOC / Incident Response Hands-on experience with: SIEM platforms (log ingestion, correlation, alerting) SOAR platforms (playbooks, automation) Incident Response & Digital Forensics Strong hands-on experience with Microsoft Defender ecosystem: Defender for Endpoint Defender for Office 365 Defender for Identity Defender for Cloud Apps Defender for Cloud Experience with Microsoft Sentinel (analytics rules, KQL, workbooks, automation) Experience with one or more Managed Detection & Response (MDR) / XDR platforms, such as: CrowdStrike Rapid7 Arctic Wolf or similar enterprise MDR/XDR solutions Solid understanding of: Identity & Access Management (IAM) Cloud Security Endpoint & Email Security Threat Detection & Response Accelerators Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience) Experience with AI-driven security operations, including: Copilot for Security GenAI-powered SOC tools AI-assisted investigation and response Experience with cloud platforms: AWS, OCI, Azure, or GCP Familiarity with XDR-native SIEM platforms Scripting or automation experience: Python, PowerShell, KQL, REST APIs Experience with MITRE ATT&CK, NIST CSF, or similar frameworks Relevant certifications: SC-200, SC-100 GCED / GCIH / GCIA AZ-500, AWS Security Specialty CrowdStrike, Rapid7, or Sentinel certifications Applicants must be legally authorized to work in the United States. This role is not eligible for immigration sponsorship now or in the future (e.g., H-1B, TN, F-1 OPT). At Graco, you truly make a difference. Your unique talents contribute to our organizational growth and future. Not only do you make a difference, but Graco's culture empowers employees to create their own career path. Whether you choose to advance within your current department or explore new opportunities in different divisions, you have the ability to build your future. Our managers are here to provide support and guidance as you continue to grow within your career. Graco has excellent opportunities available to individuals who want to be part of a fast-moving, growing company that is committed to quality, innovation and solving fluid handling problems for our customers. Graco is proud to be named a Best Place to Work by Fortune Magazine in 2016, 2018, 2019, 2021 & 2022. Graco offers attractive compensation, benefits and career development opportunities. Graco's comprehensive benefits include medical, dental, stock purchase plan, 401(k), tuition reimbursement and more. The base pay range for this position is listed below, exclusive of fringe benefits or other compensation. If you are hired, your final base hourly rate will be determined based on factors such as geographic location, skills, competencies, education, and/or experience. In addition to those factors, we will also consider internal equity of our current employees. Please keep in mind that the range provided is the full base salary range for the role. Hiring at or near the maximum of the range would not be typical to allow for future and continued salary growth. $64,600.00 - $113,100.00
The Security Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats across enterprise environments. This role will operate at the intersection of security operations, incident response, automation, and security data analytics, leveraging modern SIEM, SOAR, XDR, and MDR platforms. The analyst will work closely with SOC, cloud, IAM, and engineering teams to improve detection fidelity, accelerate response, and reduce operational risk through automation and AI-assisted security operations. Security Operations & Incident Response Monitor and triage security alerts from SIEM, XDR, EDR, and MDR platforms Perform incident investigation, containment, eradication, and recovery Conduct root cause analysis and document incidents, lessons learned, and response improvements Support 24x7 SOC operations (on-call or rotational as required) Security Analytics & Detection Engineering Develop, tune, and maintain SIEM detection rules, analytics, and dashboards Perform security data analysis across logs, telemetry, and threat intelligence sources Correlate data across endpoints, identities, networks, cloud workloads, and applications Improve signal-to-noise ratio and reduce false positives SOAR, Automation & AI-Driven Security Design, implement, and optimize SOAR playbooks for alert triage and response Support SOC automation initiatives to reduce manual effort and MTTR Leverage AI-powered security assistants (e.g., Microsoft Copilot for Security or other GenAI tools) to: Accelerate investigations Summarize incidents Enhance analyst productivity Contribute to adoption of AI-driven SIEM/XDR capabilities (added plus) Forensics & Threat Investigation Perform endpoint, identity, email, and cloud forensics Analyze malware, phishing, and account compromise scenarios Partner with Threat Intelligence teams to track adversary techniques (MITRE ATT&CK) Collaboration & Continuous Improvement Work with IAM, Cloud Security, Network, and Application Security teams Support continuous improvement of SOC processes, runbooks, and metrics Participate in purple team exercises, tabletop simulations, and post-incident reviews What You Will Bring to Graco 3+ years of experience in Security Operations / SOC / Incident Response Hands-on experience with: SIEM platforms (log ingestion, correlation, alerting) SOAR platforms (playbooks, automation) Incident Response & Digital Forensics Strong hands-on experience with Microsoft Defender ecosystem: Defender for Endpoint Defender for Office 365 Defender for Identity Defender for Cloud Apps Defender for Cloud Experience with Microsoft Sentinel (analytics rules, KQL, workbooks, automation) Experience with one or more Managed Detection & Response (MDR) / XDR platforms, such as: CrowdStrike Rapid7 Arctic Wolf or similar enterprise MDR/XDR solutions Solid understanding of: Identity & Access Management (IAM) Cloud Security Endpoint & Email Security Threat Detection & Response Accelerators Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience) Experience with AI-driven security operations, including: Copilot for Security GenAI-powered SOC tools AI-assisted investigation and response Experience with cloud platforms: AWS, OCI, Azure, or GCP Familiarity with XDR-native SIEM platforms Scripting or automation experience: Python, PowerShell, KQL, REST APIs Experience with MITRE ATT&CK, NIST CSF, or similar frameworks Relevant certifications: SC-200, SC-100 GCED / GCIH / GCIA AZ-500, AWS Security Specialty CrowdStrike, Rapid7, or Sentinel certifications Applicants must be legally authorized to work in the United States. This role is not eligible for immigration sponsorship now or in the future (e.g., H-1B, TN, F-1 OPT). At Graco, you truly make a difference. Your unique talents contribute to our organizational growth and future. Not only do you make a difference, but Graco's culture empowers employees to create their own career path. Whether you choose to advance within your current department or explore new opportunities in different divisions, you have the ability to build your future. Our managers are here to provide support and guidance as you continue to grow within your career. Graco has excellent opportunities available to individuals who want to be part of a fast-moving, growing company that is committed to quality, innovation and solving fluid handling problems for our customers. Graco is proud to be named a Best Place to Work by Fortune Magazine in 2016, 2018, 2019, 2021 & 2022. Graco offers attractive compensation, benefits and career development opportunities. Graco's comprehensive benefits include medical, dental, stock purchase plan, 401(k), tuition reimbursement and more. The base pay range for this position is listed below, exclusive of fringe benefits or other compensation. If you are hired, your final base hourly rate will be determined based on factors such as geographic location, skills, competencies, education, and/or experience. In addition to those factors, we will also consider internal equity of our current employees. Please keep in mind that the range provided is the full base salary range for the role. Hiring at or near the maximum of the range would not be typical to allow for future and continued salary growth. $64,600.00 - $113,100.00