Security Operations Analyst

Our Company

At Teradata, we believe that people thrive when empowered with better information. That’s why we built the most complete cloud analytics and data platform for AI. By delivering harmonized data, trusted AI, and faster innovation, we uplift and empower our customers—and our customers’ customers—to make better, more confident decisions. The world’s top companies across every major industry trust Teradata to improve business performance, enrich customer experiences, and fully integrate data across the enterprise.

What You'll Do

• Monitor SIEM and security tools for suspicious activity and potential threats.
• Triage and analyze security alerts to determine impact and urgency.
• Investigate and respond to cybersecurity incidents, including malware infections, phishing, unauthorized access, and data exfiltration.
• Escalate significant incidents to senior analysts or incident response teams as needed.
• Maintain and tune security tools such as SIEM, EDR, IDS/IPS, and firewalls.
• Assist in rule creation and fine-tuning to reduce false positives and improve detection.
• Consume and correlate threat intelligence feeds with internal data.
• Identify indicators of compromise (IOCs) and proactively hunt for threats.
• Analyze logs from various sources (network, system, application) for anomalies.
• Correlate events across multiple data sets to uncover patterns and threats.
• Document incidents, response actions, and findings in incident management systems.
• Prepare regular reports on security posture, incident metrics, and threat trends.
• Interpret vulnerability scan results, penetration test results and describe issues and fixes to non-security experts
• Assist in educating users on secure practices and common threats.
• Identify and automate security processes and practices

Who You'll Work With

You'll be part of a collaborative Security Operations team that serves as the first line of defense for our organization's digital assets. Working closely with SOC Analysts across different shifts, you'll share responsibility for monitoring, triaging, and responding to security events.

Your role will involve:

• Partnering with teammates to refine detection rules, implement new security tools, and optimize our SIEM and EDR platforms
• Escalating critical threats and supporting investigations of confirmed security incidents
• Coordinating response actions, gathering context on alerts, and implementing remediation measures
• Providing operational context on exploited vulnerabilities and prioritizing patching efforts based on threat intelligence
• Incorporating emerging threat indicators into detection logic and enriching alert investigations

What Makes You a Qualified Candidate

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• 2–5 years of experience in a security operations or vulnerability management role.
• Experience with vulnerability scanners (Qualys, Tenable)
• Experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, etc.).
• Hands-on knowledge of security tools (e.g., EDR, IDS, firewalls, threat intelligence platforms).
• Familiarity with common threat vectors, attack techniques (MITRE ATT&CK), and incident response processes.
• Working knowledge of TCP/IP, networking concepts, Windows/Linux logs, and cloud security.
• Interest or experience in LLMs, autonomous agents, or AI tooling.

What You Bring

• Work as part of a team
• Excellent written and verbal communication skills
• Ability to communicate effectively with business representatives in explaining security topics clearly and where necessary, in layman's terms
• General understanding of and passion for computer, Web, and network security
• Familiarity with AWS, Azure, and/or Google Cloud
• Ability to automate tasks using a scripting language (Python preferred).
• Deep understanding of HTTP and SSL/TLS protocols, and Web applications
• Knowledge of networking fundamentals (all OSI layers)
• Proficiency in Linux administration
• Understanding of continuous integration / continuous deployment processes and tools

What Makes You a Qualified Candidate

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• 2–5 years of experience in a security operations or vulnerability management role.
• Experience with vulnerability scanners (Qualys, Tenable)
• Experience with SIEM platforms (e.g., Palo Alto Prisma, Splunk, Microsoft Sentinel, QRadar, etc.).
• Hands-on knowledge of security tools (e.g., EDR, IDS, firewalls, threat intelligence platforms).
• Familiarity with common threat vectors, attack techniques (MITRE ATT&CK), and incident response processes.
• Working knowledge of TCP/IP, networking concepts, Windows/Linux logs, and cloud security.
• Interest or experience in LLMs, autonomous agents, or AI tooling.

#LI-TC1