Cyber Security Analyst III

Job Summary

The Cyber Security Analyst III is an experienced security operations professional responsible for performing advanced incident detection, triage, and response within the Security Operations Center (SOC). This role requires deep expertise in identifying and mitigating cyber threats in real time, working closely with threat intelligence and engineering teams to improve security posture. The analyst will be a key player in responding to security incidents, leading investigations, and driving continuous improvements in detection capabilities and response processes.

In addition to incident response, this role will actively support threat hunting initiatives, leveraging security telemetry to identify anomalous behavior and potential threats that evade traditional detection methods. The Cyber Security Analyst III is expected to stay ahead of emerging cyber threats, enhance detection use cases, and provide mentorship to junior analysts. The ideal candidate has a strong analytical mindset, excellent problem-solving skills, and the ability to communicate findings effectively to both technical and non-technical stakeholders.

Expected Contributions

• Perform in-depth analysis of security events and alerts to assess risk and determine appropriate response actions.
• Support investigation, containment, eradication, and recovery efforts for complex security incidents.
• Develop and refine incident response playbooks and standard operating procedures to improve SOC efficiency.
• Conduct root cause analysis of incidents and provide recommendations for mitigating future occurrences.
• Actively participate in threat hunting activities to proactively identify and mitigate potential security threats.
• Collaborate with threat intelligence teams to refine detection capabilities based on emerging threats.
• Maintain and enhance SIEM rules, correlation logic, and other security detection mechanisms.
• Assist in tuning security controls to reduce false positives and improve detection efficacy.
• Support forensic analysis efforts by collecting and analyzing logs, artifacts, and system data.
• Provide mentorship and guidance to junior SOC analysts to enhance team capabilities.
• Contribute to post-incident reviews, reporting, and lessons-learned exercises to improve response effectiveness.
• Coordinate with various IT and security teams to implement security best practices and recommendations.

Candidate Profile

Education

• Bachelor's degree in information technology or related discipline or equivalent work experience.

Certifications Preferred

• Splunk Enterprise Security Certified Admin
• Splunk Certified Cybersecurity Defense Analyst
• Certified Cyber Threat Hunting Professional (CCTHP)
• GIAC Certified Incident Handler (GCIH)
• Certified Information Systems Security Professional (CISSP)
• Certified Cyber Threat Hunter (CCTH)
• Certified Ethical Hacker (CEH)

Experience

• Four to six years of experience in cyber security field.
• Two years of threat hunting experience

Skills/Attributes

• Analytical and Strategic Thinking
  • Exceptional analytical skills to interpret complex data and identify sophisticated threats.

• Technical
  • Strong experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar) for log analysis and threat detection.
  • Hands-on expertise in EDR/XDR solutions and network security monitoring tools.
  • Knowledge of common attack techniques (MITRE ATT&CK framework) and incident response methodologies.
  • Experience with scripting and automation using Python, PowerShell, or similar languages.
  • Familiarity with cloud security monitoring in environments such as AWS, Azure, or Google Cloud Platform.
  • Strong understanding of forensic techniques, memory analysis, and malware analysis principles.

• Interpersonal Skills
  • Communication: Proven verbal and written communication skills to convey technical concepts to non-technical stakeholders in easy-to-understand ways.

• Collaboration: Proven ability to collaborate within the Global Technology organization at all levels, vendors, and Managed Service providers to architect solutions and oversee successful project implementations.

• Additional Attributes
  • Ability to multi-task, problem solve and meet deadlines.
  • Willingness to work outside of regular business hours as required which can include evenings, weekends, and holidays.

Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Job Summary

The Cyber Security Analyst III is an experienced security operations professional responsible for performing advanced incident detection, triage, and response within the Security Operations Center (SOC). This role requires deep expertise in identifying and mitigating cyber threats in real time, working closely with threat intelligence and engineering teams to improve security posture. The analyst will be a key player in responding to security incidents, leading investigations, and driving continuous improvements in detection capabilities and response processes.

In addition to incident response, this role will actively support threat hunting initiatives, leveraging security telemetry to identify anomalous behavior and potential threats that evade traditional detection methods. The Cyber Security Analyst III is expected to stay ahead of emerging cyber threats, enhance detection use cases, and provide mentorship to junior analysts. The ideal candidate has a strong analytical mindset, excellent problem-solving skills, and the ability to communicate findings effectively to both technical and non-technical stakeholders.

Expected Contributions

• Perform in-depth analysis of security events and alerts to assess risk and determine appropriate response actions.
• Support investigation, containment, eradication, and recovery efforts for complex security incidents.
• Develop and refine incident response playbooks and standard operating procedures to improve SOC efficiency.
• Conduct root cause analysis of incidents and provide recommendations for mitigating future occurrences.
• Actively participate in threat hunting activities to proactively identify and mitigate potential security threats.
• Collaborate with threat intelligence teams to refine detection capabilities based on emerging threats.
• Maintain and enhance SIEM rules, correlation logic, and other security detection mechanisms.
• Assist in tuning security controls to reduce false positives and improve detection efficacy.
• Support forensic analysis efforts by collecting and analyzing logs, artifacts, and system data.
• Provide mentorship and guidance to junior SOC analysts to enhance team capabilities.
• Contribute to post-incident reviews, reporting, and lessons-learned exercises to improve response effectiveness.
• Coordinate with various IT and security teams to implement security best practices and recommendations.

Candidate Profile

Education

• Bachelor's degree in information technology or related discipline or equivalent work experience.

Certifications Preferred

• Splunk Enterprise Security Certified Admin
• Splunk Certified Cybersecurity Defense Analyst
• Certified Cyber Threat Hunting Professional (CCTHP)
• GIAC Certified Incident Handler (GCIH)
• Certified Information Systems Security Professional (CISSP)
• Certified Cyber Threat Hunter (CCTH)
• Certified Ethical Hacker (CEH)

Experience

• Four to six years of experience in cyber security field.
• Two years of threat hunting experience

Skills/Attributes

• Analytical and Strategic Thinking
  • Exceptional analytical skills to interpret complex data and identify sophisticated threats.

• Technical
  • Strong experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar) for log analysis and threat detection.
  • Hands-on expertise in EDR/XDR solutions and network security monitoring tools.
  • Knowledge of common attack techniques (MITRE ATT&CK framework) and incident response methodologies.
  • Experience with scripting and automation using Python, PowerShell, or similar languages.
  • Familiarity with cloud security monitoring in environments such as AWS, Azure, or Google Cloud Platform.
  • Strong understanding of forensic techniques, memory analysis, and malware analysis principles.

• Interpersonal Skills
  • Communication: Proven verbal and written communication skills to convey technical concepts to non-technical stakeholders in easy-to-understand ways.

• Collaboration: Proven ability to collaborate within the Global Technology organization at all levels, vendors, and Managed Service providers to architect solutions and oversee successful project implementations.

• Additional Attributes
  • Ability to multi-task, problem solve and meet deadlines.
  • Willingness to work outside of regular business hours as required which can include evenings, weekends, and holidays.

Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.