Security Analyst

At Semperis, our mission is to be a Force for Good. Starting with being a great place to work. We believe that when people feel valued, supported, and empowered, they do their best work. That’s why we focus on creating an employee experience rooted in purpose, growth, and balance. Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies by the Inc. 5000, a DUNS 100 Top Startup to Work For, and a multi-year Inc. Best Workplace awardee.

Role Overview

We are looking for a Identity Security Analyst who will focus on investigating and resolving customer-reported security bugs. In this role, you’ll sit at the intersection of security research, product engineering, and customer success: you’ll reproduce issues, analyze impact and root cause, coordinate fixes with R&D, and communicate findings back to customers in a clear, actionable way.

This is a hands-on, technical position ideal for someone who enjoys debugging, incident-style investigations, and direct customer impact.

Key Responsibilities

Bug Triage & Investigation

• Review and prioritize customer-reported security bugs (vulnerabilities, false positives, detection gaps, performance/coverage issues).
• Reproduce issues in lab environments using customer-provided data, logs, and configurations.
• Validate whether a bug is product defect, configuration issue, environmental limitation, or expected behavior.
  
  

Security Analysis

• Analyze suspected vulnerabilities, misconfigurations, or detection gaps to determine impact, severity, and likelihood.
• Correlate product behavior with attack techniques (e.g., MITRE ATT&CK, AD / identity attacks, NTLM relay, Kerberos abuse).
• Perform log and event analysis (Windows Security / Sysmon / AD / LDAP / application logs) to understand bug context and side effects.
  
  

Resolution & Fix Coordination

• Work closely with R&D / engineering teams to:
• Provide clear reproduction steps, data, and technical context.
• Propose mitigations and contribute to detection or logic fixes.
• Verify hotfixes and releases against customer scenarios.
• Track bugs through their full lifecycle to ensure timely resolution and high SLA adherence.
  
  

Customer Communication

• Collaborate with Support, Customer Success, and SEs to:
• Explain root cause and resolution in customer-friendly language.
• Provide interim workarounds or configuration guidance when needed.
• Contribute to knowledge base articles, runbooks, and best-practice guides.
  
  

Quality & Continuous Improvement

• Identify recurring patterns in customer bugs and propose long-term product or process improvements.
• Help refine internal monitoring, alerting, and testing for security-sensitive components.
• Contribute to test cases and validation criteria for new features from a security QA perspective.
  
  

Required Qualifications

• 2–4+ years in a technical security or support role, such as:
• Security Analyst / SOC Analyst
• Security Engineer
• Technical Support Engineer in a security or infrastructure product
• Scripting and automation skills in PowerShell to speed up investigation and test setup.
• Solid understanding of:
• Identity and access concepts (Active Directory, authentication, privileges, groups)
• Basic networking and protocols (TCP/IP, DNS, HTTP/S, SMB, LDAP/LDAPS)
• Hands-on experience with:
• Debugging and reproducing complex customer issues in lab environments
• Strong analytical and problem-solving skills; able to systematically break down ambiguous issues.
• Excellent written and verbal communication skills in English; able to explain complex technical findings to both technical and non-technical audiences.
  
  

Preferred Qualifications

• Experience with enterprise security products, especially in one or more of:
• Identity security / AD security
• EDR/XDR, SIEM, or network security tools
• Operating systems (Windows Server/AD)
• Familiarity with MITRE ATT&CK and common attack patterns against AD and identity.
• Familiarity with Azure DevOps
• Experience working with bug trackers / case management tools.
• Prior experience in a customer-facing role (support, consulting, PS) is a strong plus.
• Hands-on experience with:
  
  

Log analysis (e.g., Windows Event Logs, Sysmon, SIEM)

What We Offer

• Opportunity to work closely with security researchers and product engineers on real-world attacks and defenses.
• Direct impact on customer satisfaction and product quality through high-value bug resolution.
• A collaborative environment that values learning, knowledge sharing, and continuous improvement.
  
  

If you’re passionate about security, love solving hard problems, and enjoy being the person who figures out what actually went wrong for customers, we’d love to hear from you

Why Join Semperis?

You’ll be part of a global team on the front lines of cybersecurity innovation. At Semperis, we celebrate curiosity, integrity, and people who take initiative. If you’re someone who sees the glass as half full, embraces challenges as growth opportunities, and values a healthy balance between work and life—we’d love to meet you.

• Semperis maintains office locations in several cities across the globe. Candidates who reside within 45 miles of one of our offices—or where the job description specifies a required location—will follow our hybrid work model. This includes working onsite some days per week and remotely the remaining days.
  
  

Semperis is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, creed, national origin or ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, marital status, or any other legally recognized protected basis under federal, state, or local law. The information collected by the Semperis application is solely to determine suitability for employment, verify identity, and maintain employment statistics.

Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and/or other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Semperis. Please inform Semperis representative Anna Taylor, Director of Global Recruiting, if you need assistance completing this application or to otherwise participate in the application process.