We’ve signed up to an ambitious journey. Join us!

As Arrive, we guide customers and communities towards brighter futures and more livable cities, it isn’t a challenge just anyone could take on. Luckily, we have something to help us make it happen. Our people and our values. We Arrive Curious, Focused and Together. Just as our entire brand is inspired by the North Star, the shining light leading travelers to their destinations since time began, our values guide us. They help us be at our best. For our customers. For the cities and communities we serve. For ourselves. As a global team, we are transforming urban mobility. Let’s grow better, together.

Role Overview

Become a Security Guardian! We are seeking a highly motivated Security Analyst (4+ years experience) to join our Detect & Respond team.

Reporting to the Detect & Respond Lead, you will proactively monitor, investigate, and respond to advanced threats while partnering with engineering and infrastructure teams to reduce risk exposure through effective threat detection improvements.

This role requires a keen eye for detail, strong analytical rigor, and the ability to work effectively under pressure.

Key Responsibilities

Security Monitoring & Incident Response

• Investigate and analyze security alerts from SIEM, EDR, Dark Web Monitoring & Cloud Security Tools.

• Provide comprehensive support for incident response activities, including containment, eradication, and recovery.

• Perform thorough root cause analysis and document incident findings.

• Develop and refine incident response playbooks.

• Work effectively and collaboratively with our Managed Security Service Provider (MSSP).

Threat Detection & Threat Hunting

• Conduct hypothesis-driven threat hunting across endpoint, network, and cloud environments.

• Leverage EDR tooling to detect lateral movement and suspicious activity.

• Stay continuously up-to-date on emerging threat intelligence and attacker behaviors.

Incident Management

• Managing the incident from the moment it is escalated by Tier 1 until final closure, ensuring adherence to established frameworks like the NIST or SANS incident response lifecycles.

• Acting as the primary technical point of contact during an active incident. This involves directing IT operations, network engineers, or system administrators on exactly what systems need to be isolated, patched, or restored.

• Participating in or leading post-mortem meetings after a severe incident is resolved. The Level 2 analyst is expected to identify gaps in current defenses, suggest SIEM/EDR rule tuning, and recommend process improvements to prevent a recurrence.

Compliance, Governance & Continuous Improvement

• Support ISO 27001, PCI DSS, and audit-related evidence gathering requirements.

• Maintain detailed documentation of investigations, procedures, and remediation.

• Contribute to improving SOC processes and runbooks.

What You Bring (Required Skills)

• 4+ years of hands-on experience in a Security Analyst, SOC, or Incident Response role.

• Strong experience with SIEM platforms (e.g., Splunk, Sentinel, Crowdstrike, Rapid7).

• Hands-on experience with EDR tools (e.g., CrowdStrike, Defender, SentinelOne).

• Strong understanding of networking fundamentals, security principles, and common attack vectors.

• Excellent analytical, communication, and collaboration skills, with the ability to translate technical findings into business-impact language.

Preferred Qualifications & Experience

• Experience working in hybrid/cloud environments (AWS, Azure, or GCP).

• Experience in fintech, SaaS, or product-based organizations.

• Exposure to cloud-native security tools (Wiz, Orca, Prisma, etc.).

• Relevant industry certifications are welcome, but not required (such as Security+, CySA+, GCIH, CCSP, or AWS Security Specialty)
  
  If this resonates with you, hit the apply button!