Sr. IS Analyst - Security Operations

External
Franklin Templeton · St. Petersburg, FL
Full-time · Hybrid · Today
Documentation · Incident Response · SIEM

About the role

At Franklin Templeton, we believe success is built through powerful partnerships. As a forward-thinking asset manager, we build dynamic relationships with clients, understand their goals, and navigate complex markets together. We leverage cutting-edge strategies and deep insights to unlock opportunities for long-term wealth creation. Our talented, global teams bring expertise that is both broad and unique. From our welcoming, inclusive, and supportive culture to our globally diverse business, we offer opportunities not only to help you reach your potential, but also to contribute to our clients' success.

Role Scope

Independently monitor, triage, investigate, and respond to security alerts and incidents while coordinating containment, remediation, and escalation activities. The role is expected to handle most day-to-day SOC investigations, improve detection quality, contribute to threat hunting, maintain strong case documentation, and provide guidance to analysts when required.

Role Summary

The role is responsible for advanced security monitoring, investigation, and incident response in a 24x7 SOC environment. It requires strong analytical thinking, evidence-based investigation, and the ability to correlate activity across endpoints, network, identity, email, cloud, applications, and enterprise security tools. The role contributes to SOC maturity by improving detection rules, use cases, escalation logic, playbooks, investigation guides, and response documentation. It also supports threat hunting, post-incident reviews, stakeholder communication, and remediation tracking to strengthen the organization's overall detection and response posture.

Core Objective

Lead SOC investigations, incident response, containment, and remediation while improving detection coverage, response effectiveness, threat hunting outcomes, and SOC operational maturity.

What is the Security Operations Center (SOC) responsible for?

The SOC is responsible for continuously monitoring and improving the organization's security posture by preventing, detecting, analyzing, and responding to cybersecurity incidents using security tools, threat intelligence, defined processes, and operational response capabilities.

How you will add value

Monitor, analyze, triage, and investigate security alerts, events, and medium to high severity incidents using established SOC processes, playbooks, and escalation paths.
Perform detailed investigation of suspicious activity across endpoints, network, identity, email, cloud, applications, and other enterprise security technologies.
Validate alerts, determine scope and impact, identify affected users, systems, accounts, and data, and distinguish true positives from false positives.
Lead and support incident response activities across the incident lifecycle, including detection, analysis, containment coordination, remediation tracking, recovery support, and closure documentation.
Perform root cause analysis for security incidents and document evidence, timeline, impact, actions taken, remediation recommendations, and lessons learned.
Conduct threat hunting using threat intelligence, indicators of compromise, behavioral patterns, attack techniques, and frameworks such as MITRE ATT&CK.
Review, tune, and improve SIEM, EDR, XDR, and related detection rules, correlation logic, alert thresholds, and monitoring use cases to improve detection accuracy and reduce false positives.
Identify gaps in logging, monitoring, alerting, detection coverage, escalation, and response processes, and recommend practical improvements.
Prepare clear incident reports, investigation summaries, escalation notes, and stakeholder communications for technical and non-technical audiences.
Collaborate with security engineering, infrastructure, application, cloud, identity, and business teams to support investigation, containment, remediation, and control improvement.
Track remediation actions with responsible teams and ensure incident-related risks, findings, and corrective actions are addressed in a timely manner.
Maintain and improve SOC playbooks, runbooks, standard operating procedures, knowledge articles, investigation guides, and response documentation.
Ensure alerts, incidents, investigation steps, evidence, decisions, and closure notes are accurately documented in ticketing or case management systems.
Support analysts through investigation guidance, knowledge sharing, and review of incident handling quality.
Participate in post-incident reviews and identify improvements to detection coverage, response processes, threat hunting, and operational maturity.

What will help you be successful in this role

Educational background in Cybersecurity, Computer Science, Information Technology, Engineering, or a related discipline, preferably with cybersecurity-focused coursework, specialization, or practical security exposure.
4-7 years of hands-on experience in SOC, security operations, incident response, threat detection, s


Interested in this role?

Apply on the company's website.