Information Security Analyst

This Information Security Analyst role at Teradata focuses on safeguarding the company's digital assets as part of the Security Operations team. You will be the first line of defense, working collaboratively with SOC Analysts across shifts to monitor, triage, and respond to security events.

Key Responsibilities:

• Monitor SIEM and security tools for suspicious activity and potential threats, triaging and analyzing alerts to determine impact and urgency.
• Investigate and respond to cybersecurity incidents, including malware, phishing, unauthorized access, and data exfiltration, escalating critical incidents as needed.
• Maintain and tune security tools such as SIEM, EDR, IDS/IPS, and firewalls, assisting in rule creation and fine-tuning to reduce false positives.
• Consume and correlate threat intelligence feeds with internal data, identifying indicators of compromise (IOCs) and proactively hunting for threats.
• Analyze logs from various sources (network, system, application) for anomalies and correlate events across multiple data sets to uncover patterns and threats.
• Document incidents, response actions, and findings in incident management systems and prepare regular reports on security posture, incident metrics, and threat trends.
• Interpret vulnerability scan and penetration test results, explaining issues and fixes to non-security experts.
• Assist in educating users on secure practices and common threats, and identify opportunities to automate security processes.

Collaboration and Teamwork:

• Partner with teammates to refine detection rules, implement new security tools, and optimize SIEM and EDR platforms.
• Escalate critical threats and support investigations of confirmed security incidents.
• Coordinate response actions, gather context on alerts, and implement remediation measures.
• Provide operational context on exploited vulnerabilities and prioritize patching efforts based on threat intelligence.
• Incorporate emerging threat indicators into detection logic and enrich alert investigations.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• 2–5 years of experience in a security operations or vulnerability management role.
• Experience with vulnerability scanners (e.g., Qualys, Tenable).
• Experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, Palo Alto Prisma).
• Hands-on knowledge of security tools (e.g., EDR, IDS, firewalls, threat intelligence platforms).
• Familiarity with common threat vectors, attack techniques (MITRE ATT&CK), and incident response processes.
• Working knowledge of TCP/IP, networking concepts, Windows/Linux logs, and cloud security.
• Interest or experience in LLMs, autonomous agents, or AI tooling is a plus.

What You Bring:

• Excellent written and verbal communication skills, with the ability to explain technical security topics clearly to non-technical audiences.
• A general understanding of and passion for computer, web, and network security.
• Familiarity with AWS, Azure, and/or Google Cloud.
• Ability to automate tasks using a scripting language (Python preferred).
• Deep understanding of HTTP and SSL/TLS protocols, and web applications.
• Knowledge of networking fundamentals (all OSI layers).
• Proficiency in Linux administration.
• Understanding of continuous integration/continuous deployment processes and tools.