Security Analyst

About the role

The Cyber Security Analyst is a key member of QBE's Global Security Operations team, responsible for protecting enterprise systems, data, and services in an evolving threat landscape. This is a hands-on, technically focused role supporting advanced detection, investigation, and response activities across on‑prem, cloud, and SaaS environments. The analyst will investigate and respond to security alerts escalated from Tier 1, conduct in‑depth analysis of complex incidents, and proactively identify threats before they impact the business. In partnership with technology teams and business stakeholders, this role contributes to improving QBE's security posture through continuous improvement, innovation, and practical risk reduction. We are looking for individuals who are passionate about cybersecurity, curious by nature, and motivated to continuously learn, challenge existing processes, and help shape the future of security operations - Location: Madison, Wisconsin - Work Arrangement: This role will be on a hybrid schedule with expectations of being in office 8-12 days a month - The salary range for this role is: $74,000 = $111,500 Your new role Investigate and respond to security events and incidents across endpoint, identity, network, application, cloud, and SaaS environments. Lead or support Tier 2/3 incident response, including containment, eradication, recovery, and post incident analysis. Correlate multi-source telemetry (SIEM, EDR/XDR, cloud, identity, email, threat intelligence) to determine root cause, scope, and impact. Provide clear, timely incident updates and risk assessments to technical teams and stakeholders. Conduct proactive, hypothesis-driven threat hunting aligned to MITRE ATT&CK and current adversary tradecraft. Analyze emerging threats, attacker behavior, and indicators relevant to the enterprise environment. Improve detection capability by partnering with detection engineering to enhance coverage, fidelity, and reduce noise. Investigate threats related to cloud workloads, SaaS platforms, and identity systems. Analyze and respond to identity compromise, privilege abuse, misconfiguration, and unauthorized access scenarios. Support implementation and validation of modern, Zero Trust-aligned security controls. Drive improvements in detection, response, and analyst workflows through automation and process optimization. Evaluate and operationalize new security technologies and capabilities. Maintain accurate, defensible documentation of incidents and recommend enhancements to playbooks and procedures. Partner with infrastructure, cloud, application, and identity teams to remediate issues and reduce risk. Act as a technical resource for analysts and contribute to knowledge sharing and team development. Communicate complex security concepts clearly to both technical and non-technical stakeholders. Required Qualifications Bachelor's Degree or equivalent Preferred Experience Experience contributing to security operations, incident response, or threat detection in an enterprise environment. Hands‑on experience with security monitoring and analysis across: Endpoint (EDR/XDR) Identity (IAM, Active Directory, Entra ID) Network and firewall technologies Cloud platforms and SaaS environments Leading incident response to malware, phishing, ransomware, cloud compromise, and identity attacks Familiarity with SIEM platforms, alert triage, case management, and log correlation. Writing and tuning detection queries using KQL, SPL, or similar languages. Understanding of common attacker techniques, malware behavior, and modern threat trends. Scripting or query experience using PowerShell, Python, or similar languages. Strong analytical and problem‑solving abilities with attention to detail. Ability to prioritize and manage multiple investigations simultaneously. Clear, concise written and verbal communication skills. Confidence making remediation and containment recommendations based on risk. Self‑motivated, organized, and comfortable working with minimal supervision. Skills: This section will automatically populate on the job req in Workday Compensation Package: The salary range for this role is provided above. This is the national range for location(s) listed. The salary offer will be decided based on the role's complexity, its location, and the candidate's professional background, including their education and experience. Beyond the base salary, regular full-time and part-time employees will also be eligible for QBE's annual discretionary bonus plan based on business and individual performance. We encourage all candidates to apply, even if their salary expectations fall outside of this range, as we are committed to finding the right fit for our team. QBE Benefits: We offer a range of benefits to help provide holistic support for your work life, whatever your circumstances. As a QBE employee you will have access to: Hybrid Working

Benefits

Additional Information

Primary Details Time Type: Full time Worker Type: Employee

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at qbe? Share your experience