Government Careers

  • Senior Associate, Security Operations

  • Andersen
  • Los Angeles, California 90079 United States View Map

Senior Associate, Security OperationsAndersen's information security function is expanding, and this role sits at the operational core of that effort. The Senior Associate, Security Operations serves as the firm's internal hub for day‑to‑day security operations, owning the relationship with our managed detection and response provider, triaging and coordinating incident response, managing security vendor relationships, and executing client security due diligence. This role requires a candidate who is equally comfortable analyzing a threat escalation and drafting a vendor risk assessment.Senior Associate reports to the Head of Security Engineering & Architecture, with dotted‑line accountability to the Senior Manager, Governance, Risk & Compliance for client diligence and vendor risk. After‑hours availability is a firm requirement.ResponsibilitiesServe as the firm's internal incident response coordinator, working alongside the managed detection and response provider during active security eventsExecute, test, and continuously improve IR playbooks through regular tabletop exercises and lessons learnedCoordinate internal stakeholder communication during incidents and produce post‑incident reports for technical and executive audiencesServe as the primary liaison to the firm's MDR provider, review threat reports, and hold the provider accountable to SLAsTriage MDR escalations, assess severity, and initiate appropriate internal response workflowsCoordinate detection rule tuning and alert threshold adjustments to reduce false positivesMaintain knowledge of MDR detection logic and flag coverage gaps to the Head of Security Engineering & ArchitectureExecute responses to client security questionnaires and due diligence requests accurately and on timeEnsure questionnaire responses reflect the firm's control posture and certifications, escalating discrepancies immediatelyManage intake and tracking of diligence requests, flagging new questions to the Senior Manager, GRCSupport the Head of Security Engineering & Architecture with vulnerability management and remediation follow‑upManage relationships with security technology and service vendors, tracking contract terms, renewal dates, and SLA performancePartner with the Senior Manager, GRC on vendor risk assessments and track findings to remediationMaintain operational documentation including runbooks, contact trees, and escalation proceduresContribute to security awareness initiatives and serve as a resource for internal teamsIdentify and assess AI‑related security risks, incorporate AI threat scenarios into tabletop exercises, and monitor use of unsanctioned AI toolsRequirements5+ years of experience in security operations, incident response, or closely related disciplineBachelor's degree in Information Security, Computer Science, or related fieldExperience triaging and coordinating incident response during active eventsAbility to execute, test, and improve IR playbooksWorking familiarity with managed detection and response servicesExperience managing vendor relationships and SLA oversightExperience with client security due diligence and questionnaire responsesTechnical fluency in endpoint security, network fundamentals, log analysis, and threat detectionProficiency with SIEM, EDR, and ticketing platformsKnowledge of AI‑enabled threat vectorsStrong written communication skills for incident reports and client responsesAvailability to respond to high‑severity incidents outside business hoursPreferredRelevant incident handling or security analysis certification (e.g., GCIH, GSEC, GSOC)Background in professional services or consultingFamiliarity with SOC 2 or ISO 27001 control environmentsExposure to threat intelligence platforms or processesKnowledge of AI security risk frameworks such as NIST AI RMF or MITRE ATLASCompensation And BenefitsCompetitive base compensation, benefits package, and discretionary bonuses based on performance. Expected salary range for U.S. employees: $115,000–$130,000. Benefits include medical, dental, vision, basic life insurance, 401(k) plan, 160 hours paid time off annually, and twelve paid holidays.Equal OpportunityAndersen Tax welcomes and encourages workforce diversity. We are an equal opportunity employer. Applicants and employees are considered for positions and are evaluated without regard to race, color, national origin, ancestry, religion, sexual orientation, gender identity, sex, age, marital status, military status, veteran status, genetic information, or any other characteristic protected by law. All qualified individuals, including those with criminal histories, will be considered in a manner consistent with applicable law. We provide reasonable accommodations to qualified individuals with disabilities.#J-18808-Ljbffr

Senior Associate, Security OperationsAndersen's information security function is expanding, and this role sits at the operational core of that effort. The Senior Associate, Security Operations serves as the firm's internal hub for day‑to‑day security operations, owning the relationship with our managed detection and response provider, triaging and coordinating incident response, managing security vendor relationships, and executing client security due diligence. This role requires a candidate who is equally comfortable analyzing a threat escalation and drafting a vendor risk assessment.Senior Associate reports to the Head of Security Engineering & Architecture, with dotted‑line accountability to the Senior Manager, Governance, Risk & Compliance for client diligence and vendor risk. After‑hours availability is a firm requirement.ResponsibilitiesServe as the firm's internal incident response coordinator, working alongside the managed detection and response provider during active security eventsExecute, test, and continuously improve IR playbooks through regular tabletop exercises and lessons learnedCoordinate internal stakeholder communication during incidents and produce post‑incident reports for technical and executive audiencesServe as the primary liaison to the firm's MDR provider, review threat reports, and hold the provider accountable to SLAsTriage MDR escalations, assess severity, and initiate appropriate internal response workflowsCoordinate detection rule tuning and alert threshold adjustments to reduce false positivesMaintain knowledge of MDR detection logic and flag coverage gaps to the Head of Security Engineering & ArchitectureExecute responses to client security questionnaires and due diligence requests accurately and on timeEnsure questionnaire responses reflect the firm's control posture and certifications, escalating discrepancies immediatelyManage intake and tracking of diligence requests, flagging new questions to the Senior Manager, GRCSupport the Head of Security Engineering & Architecture with vulnerability management and remediation follow‑upManage relationships with security technology and service vendors, tracking contract terms, renewal dates, and SLA performancePartner with the Senior Manager, GRC on vendor risk assessments and track findings to remediationMaintain operational documentation including runbooks, contact trees, and escalation proceduresContribute to security awareness initiatives and serve as a resource for internal teamsIdentify and assess AI‑related security risks, incorporate AI threat scenarios into tabletop exercises, and monitor use of unsanctioned AI toolsRequirements5+ years of experience in security operations, incident response, or closely related disciplineBachelor's degree in Information Security, Computer Science, or related fieldExperience triaging and coordinating incident response during active eventsAbility to execute, test, and improve IR playbooksWorking familiarity with managed detection and response servicesExperience managing vendor relationships and SLA oversightExperience with client security due diligence and questionnaire responsesTechnical fluency in endpoint security, network fundamentals, log analysis, and threat detectionProficiency with SIEM, EDR, and ticketing platformsKnowledge of AI‑enabled threat vectorsStrong written communication skills for incident reports and client responsesAvailability to respond to high‑severity incidents outside business hoursPreferredRelevant incident handling or security analysis certification (e.g., GCIH, GSEC, GSOC)Background in professional services or consultingFamiliarity with SOC 2 or ISO 27001 control environmentsExposure to threat intelligence platforms or processesKnowledge of AI security risk frameworks such as NIST AI RMF or MITRE ATLASCompensation And BenefitsCompetitive base compensation, benefits package, and discretionary bonuses based on performance. Expected salary range for U.S. employees: $115,000–$130,000. Benefits include medical, dental, vision, basic life insurance, 401(k) plan, 160 hours paid time off annually, and twelve paid holidays.Equal OpportunityAndersen Tax welcomes and encourages workforce diversity. We are an equal opportunity employer. Applicants and employees are considered for positions and are evaluated without regard to race, color, national origin, ancestry, religion, sexual orientation, gender identity, sex, age, marital status, military status, veteran status, genetic information, or any other characteristic protected by law. All qualified individuals, including those with criminal histories, will be considered in a manner consistent with applicable law. We provide reasonable accommodations to qualified individuals with disabilities.#J-18808-Ljbffr

Government Careers

Government Careers

Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.

Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.

Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.

Show more
Apply Now

MORE JOBS

Show More