E

Senior Security Operations Analyst

Extend
3 months ago
Full-time
Remote
Worldwide
Remote Operations

About Extend:

Extend is revolutionizing the post-purchase experience for retailers and their customers by providing merchants with AI-driven solutions that enhance customer satisfaction and drive revenue growth. Our comprehensive platform offers automated customer service handling, seamless returns/exchange management, end-to-end automated fulfillment, and product protection and shipping protection alongside Extend's best-in-class fraud detection. By integrating leading-edge technology with exceptional customer service, Extend empowers businesses to build trust and loyalty among consumers while reducing costs and increasing profits.

Today, Extend works with more than 1,000 leading merchant partners across industries, including fashion/apparel, cosmetics, furniture, jewelry, consumer electronics, auto parts, sports and fitness, and much more. Extend is backed by some of the most prominent technology investors in the industry, and our headquarters is in downtown San Francisco.

What You'll Do:Β 

  • Serve as a core member of Security Operations, monitoring and triaging alerts from platforms such as SentinelOne and Wiz. Perform end-to-end investigations to identify, contain, and remediate threats and incidents, driving timely, appropriate response.
  • Proactively identify and assess vulnerabilities in infrastructure and code, working with development and other cross functional teams to address issues.
  • Contribute to the end-to-end detection lifecycle: model attacker behaviors (MITRE ATT&CK), write and test detections as code across security programs and tooling (SentinelOne, Wiz, Okta, AWS CloudTrail), and continuously enrich to reduce false positives and improve MTTD. Support data quality and telemetry onboarding, maintain response playbooks, and provide threat validation assistance across the business.
  • Assist teams with the application of secure configuration baselines and best practices in accordance with CIS Benchmarks, NIST, vendor hardening guides, and applicable compliance standards across all company computing assets.
  • Correlate endpoint and infrastructure telemetry to identify emerging threats. Curate and operationalize intelligence (IOCs, TTPs) into detections and response playbooks, and maintain vetted intelligence feeds.
  • Assist GRC initiatives by mapping controls to internal policies and frameworks (e.g., SOC 2, NIST CSF, NYC DFS 500), identifying gaps, supporting audits and evidence collection, tracking remediation, and maintaining policies and control documentation.
  • Work with engineering and business teams to champion security best practices, communic