Security Analyst

About the role

Join GetYourGuide as a Security Analyst to advance detection and response capabilities while shaping the SOC technical roadmap. You'll lead incident investigations, enhance SIEM detections, and conduct proactive threat hunting to maintain strong security posture.

What you'll do

• Lead end-to-end incident investigations and response, including detection development and automation
• Design and enhance SIEM detections, onboard new log sources, and improve signal quality
• Conduct proactive threat hunting and translate intelligence into actionable detections
• Partner with Engineering, SRE, Infrastructure, Legal, Data and IT teams on security initiatives
• Strengthen processes by improving IR runbooks, documentation, and tabletop exercises
• Contribute to broader SOC and security strategy development

What you'll need

• 3-7+ years experience in SOC, IR, CSIRT or threat detection
• Strong experience with SIEM and log analysis
• Deep understanding of attack techniques (MITRE ATT&CK framework)
• Strong analytical and investigative skills
• Experience with cloud (AWS) security
• Ability to lead complex investigations end-to-end

Nice to have

• Forensics experience
• Scripting/automation proficiency (Python, bash, Lambda)
• Experience with Okta/Auth0, Cloudflare, GitHub security logs
• Experience with distributed systems logs (microservices)

What they offer

• Annual personal growth budget and mentorship programs
• Work from anywhere for 30 days per year
• Hybrid working (3 days office, 2 days home)
• Monthly transportation and fitness budget
• GetYourGuide activity discounts for you and family
• Language reimbursement program and health benefits