Senior Information Security Analyst

Location

About the role

The Senior Information Security Analyst is a seasoned cybersecurity specialist responsible for advanced threat detection, incident response, requests, and ongoing enhancement of Security Operations across Corporate IT environments and the Kinaxis Maestro SaaS platform.

As part of Kinaxis’s global follow-the-sun incident response framework, this role serves as the primary first responder or escalation point for their time zone, providing initial investigative leadership for time-sensitive events and ensuring continuity of response across global shifts. The role functions as an escalation point for complex investigations, leads improvements in detection and response capabilities.

The position requires independent problem solving, strong judgment during security events, and the ability to collaborate effectively across IT, SaaS Operations, Product Development, and Business Systems teams. The role also contributes to strengthening operational processes and provides mentorship to analysts within the Security Operations team.

What you will do

Incident Response

• • Serve as the first responder or an escalation point, local time zone, for security incidents in alignment with the global follow-the-sun coverage model, ensuring timely triage, containment actions, and appropriate escalation.
  • Lead investigation and response for complex, high-severity, or sensitive incidents that occur during local operating hours.
  • Provide escalation support, guidance, and quality review for Security Analysts during active investigations.
  • Direct containment, eradication, and recovery efforts, ensuring accurate documentation and effective handoff as required.
  • Coordinate communications and incident status updates for Security leadership and cross-functional stakeholders.
  • Participate in the global on-call schedule for high-priority events when incidents exceed local time zone coverage.

Threat Detection and Hunting

• • Develop, tune, and validate detection logic and analytics in SIEM and XDR platforms, aligned to MITRE ATT&CK.
  • Conduct structured threat hunting to identify anomalous activity, emerging threats, and monitoring gaps.
  • Integrate cyber threat intelligence into detection engineering, investigations, and operational processes.
  • Assess and improve telemetry coverage across endpoints, networks, cloud services, and SaaS platforms.

Security Tooling and Engineering

• • Maintain and optimize security tools supporting detection and response, including SIEM, XDR/EDR, SOAR, log management, and cloud-native security services.
  • Create and maintain operational playbooks, runbooks, and automation workflows to ensure consistent response across team.
  • Partner with IT, SaaS Operations, and Engineering to enhance telemetry, logging, and secure configuration controls across the environment.

Security Advisory and Collaboration

• • Provide expert guidance on risk severity, remediation actions, and prioritization of security findings.
  • Support cross-functional teams by ensuring proposed changes, deployments, or configurations incorporate the appropriate security controls.
  • Communicate technical findings and recommended actions to stakeholders in clear and concise terms.
  • Participate in internal and external audit activities and support remediation workstreams.

Operational Excellence and Team Development

• • Monitor new cyber threats, attack techniques, vulnerabilities, and trends, and recommend operational changes.
  • Contribute to cyber resilience, disaster recovery, and business continuity exercises.
  • Maintain and continuously improve operational documentation, including playbooks, procedures, and knowledge articles.
  • Provide coaching and mentorship to analysts, contributing to skill development and knowledge sharing across the global team.

What we are looking for

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or equivalent experience.
• 5 to 7 years of experience in Security Operations, Incident Response, IT Security, or related fields in a global or high-tech environment.
• Strong analytical, problem-solving, and critical-thinking abilities, with the capacity to make informed decisions under pressure.
• Excellent written and verbal communication skills, with the ability to clearly articulate complex technical information.
• Ability to work effectively in a fast-paced, global environment with shifting priorities and cross-functional collaboration requirements.
• Highly organized, detail-oriented, and able to manage multiple concurrent responsibilities.
• Adaptable and resilient in high-urgency operational contexts.
• Demonstrated ability to coach or mentor junior team members.
• Certifications:
• Foundational certifications considered assets: CompTIA Security+, CompTIA CySA+, CCNA Security, CCNP Security.
• Advanced certifications preferred: CISSP, CCSP, GIAC (GCIH, GCIA, GCED, GCFA), or equivalent senior-level credentials.

Role Specific Skills and experience

• Experience serving in an operational security role with responsibility for incident triage, investigation, and response.
• Prior experience acting as a first responder or escalation point for security incidents, ideally within a follow-the-sun or global SOC model.
• Strong knowledge of attacker TTPs, threat modeling, IOCs/IOAs, and MITRE ATT&CK.
• Hands-on experience with SIEM and XDR platforms (Microsoft Sentinel, Defender for Endpoint, or similar).
• Experience with cloud security monitoring and controls in Azure, AWS, or GCP environments.
• Understanding of security technologies including firewalls, IDS/IPS, IAM, encryption, and authentication mechanisms.
• Strong understanding of industry-recognized cybersecurity frameworks, including ISO 27001, NIST CSF, and SOC 2.

#LI-RJ1 #Intermediate #Japan #Fulltime