This job has expired
This position was posted on April 2, 2026 and is likely no longer accepting applications. We've kept it here for historical reference.

Job Overview
- Location: 37 Locations
- Job Type: Full-time
- Category: Cybersecurity
- Date Posted: April 2, 2026
Full Job Description
Description
- As an IT Security Analyst IV - Remote at CSAA Insurance Group, you will play a critical role in protecting the organization’s digital assets and member data by leading advanced threat detection, incident response, and security operations initiatives. Your expertise will directly contribute to safeguarding AAA members against evolving cyber threats in an increasingly complex digital landscape.
- You will serve as a senior technical leader within the Security Operations Center (SOC), driving high-fidelity detection engineering, leading purple team exercises, mentoring junior analysts, and improving overall security posture through proactive threat hunting and process optimization across cloud and on-prem environments.
- The CSAA Security Operations Team is a collaborative, mission-driven unit focused on intelligence-led cyber defense, where analysts work collectively to understand adversary behaviors, validate detections, and respond to threats with precision and urgency. The team values innovation, continuous learning, and cross-functional partnership to stay ahead of emerging risks.
- CSAA Insurance Group is a leading personal lines property and casualty insurer and a trusted AAA affiliate, committed to building human-centered solutions that help members prevent, prepare for, and recover from life’s uncertainties. The company fosters an inclusive, innovative culture where employees are empowered to grow, lead, and make meaningful impact.
- In this role, you will deepen your expertise in adversary-focused detection engineering, incident response leadership, and purple team collaboration while gaining influence over enterprise-wide security strategy. You will have the opportunity to mentor others, lead cross-functional initiatives, and shape the future of CSAA’s SOC capabilities in a remote-first, flexible work environment.
- Participate in and lead incident response, triage, and investigations by performing systematic analysis of security events and indicators of compromise to identify malicious activity, potential threats, and vulnerabilities.
- Conduct post-incident analysis to identify root causes and recommend preventative measures to strengthen defenses and reduce recurrence of similar incidents.
- Create detailed incident reports and documentation for technical and executive stakeholders, ensuring clarity, accuracy, and actionable insights for decision-making.
- Design, develop, and maintain high-fidelity security detections aligned to adversary behaviors (e.g., MITRE ATT&CK framework), perform ongoing detection gap analysis, and recommend new detections based on emerging threats and attack techniques.
- Tune and optimize security detections and alerts to improve signal quality, reduce false positives, and ensure actionable outcomes for the SOC, enhancing analyst efficiency and response speed.
- Document detection logic, data dependencies, assumptions, and response guidance to support long-term maintainability, knowledge transfer, and consistent SOC effectiveness.
- Provide technical guidance and mentorship to junior SOC analysts during investigations and detection development efforts, fostering skill growth and team resilience.
- Lead purple team efforts to test adversary techniques, validate existing detections, identify coverage gaps, and inform the development of new or improved security alerts through collaborative red/blue exercises.
- Proactively conduct threat hunting to identify hidden malicious activity and assess the effectiveness of existing security controls across endpoints, networks, and cloud environments.
- Leverage threat intelligence from internal and external sources to inform detection development, threat hunting prioritization, and incident response playbooks.
- Lead SOC project efforts and coordinate with other cybersecurity groups (e.g., GRC, vulnerability management) to elevate the organization’s overall security posture and alignment with business objectives.
- Identify opportunities to improve security processes, technologies, and workflows, advocating for investments or changes that enhance efficiency and effectiveness.
- Participate in on-call rotation to respond to critical security events outside regular business hours, ensuring timely containment and mitigation of high-severity incidents.
- Participate in knowledge sharing and training initiatives, including lunch-and-learns, workshops, and documentation contributions to promote organizational security awareness.
- Demonstrate ability to multitask and prioritize competing demands in a fast-paced, high-stakes environment while maintaining attention to detail and composure under pressure.
About CSAA Insurance Group
CSAA Insurance Group, a AAA insurer, specializes in providing auto and home insurance coverage to AAA club members across a broad geographic footprint. With operations spanning Arizona, Colorado, Connecticut, Delaware, Maryland, Montana, Nevada, Oklahoma, Oregon, South Dakota, Utah, Washington D.C., and Wyoming, alongside specific regions in California, Idaho, Indiana, Kansas, Kentucky, New Jersey, New York, Ohio, Pennsylvania, Virginia, and West Virginia, the group demonstrates significant regional scale. They empower policyholders with online tools for managing policies and payments, enhancing accessibility. As a robust insurer within the AAA network, CSAA Insurance Group focuses on safeguarding assets for a substantial and diverse customer base.