A little bit about us

Bespin Global is a top global cloud MSP recognized in the Gartner Magic Quadrant for 8 consecutive years. We’ve been named the AWS MSP Partner of the Year globally and have earned multiple Google Partner of the Year awards!

We have 1,400+ “Bespineers” across 16 offices in 10 countries—including the U.S., South Korea, Singapore, Dubai, Indonesia, China, and Japan—supporting over 4,500 customers worldwide.

We’re growing fast, and if you want to help enterprise clients solve complex challenges using the power of the cloud, this is the place for you.
Security Analyst, AI SOC Platform

We are looking for a mid- to senior-level Security Analyst who thrives at the intersection of security operations and product development. You should be familiar with multiple technical security domains and have deep experience in at least two of the following domains: cloud, endpoint, identity, email, or network security.

The role is part of our high-profile U.S. security services team where you'll serve as a key contributor, working globally with Bespin engineers and our cloud partners to deliver high-quality security services and improve our security tools and products.

You should have a demonstrated track record of analyzing, responding to, and communicating with customers about security events. You should also have the technical depth to troubleshoot platform issues and provide actionable product feedback to developers. You must be comfortable working with Linux command-line tools and operating in the public cloud (preferably AWS and GCP) so you can understand and anticipate customer pain points when ingesting and analyzing cloud data sources.

This is primarily a U.S./Canada remote role, but candidates must be located in U.S./Canada time zones, with the ability to travel occasionally.

About the Role:

As a Security Analyst, you will:

• Work at the intersection of security operations and product engineering, helping deliver and improve features in our AI SOC platform.
• Collaborate with teams to validate and refine new AI-driven detection and response features before they reach customers, and suggest product and tool improvements.
• Monitor security events and lead the initial human response to security incidents in client environments, working with Bespin engineers and partners to achieve optimal customer outcomes.
• Lead customer onboarding sessions, ensuring their specific environments are correctly tuned and data is flowing accurately.
• Troubleshoot platform usage and data ingestion issues to ensure a smooth customer experience, acting as a technical bridge between customers and developers.
• Create and refine reusable investigation workflows (prompts, queries, and lightweight scripts) so analyses are repeatable and easy to hand off.

What We’re Looking For:
Must-Have:

• A minimum of 5 years of experience as a Security Analyst, Security Engineer, or Incident Responder.
• Excellent communication, interpersonal, and time-management skills to work in a customer-facing environment.
• Practical knowledge of cloud computing architecture and infrastructure such as compute, storage, identity, and networking.
• Experience analyzing cloud audit logs (e.g., AWS CloudTrail) and investigating suspicious activity in cloud environments.
• Experience with one or more SOC/SIEM/SOAR/EDR tools and security platforms (e.g., Splunk, Chronicle, SentinelOne, Elastic Security/Kibana, SumoLogic, or CrowdStrike) for event ingestion, analysis, and investigation.
• Fluency with one or more SIEM query languages and/or SQL.
• Strong data literacy and the ability to interpret complex logs from multiple layers of the application, infrastructure, identity, and network stack.
• Experience with technical customer onboarding, solution engineering, or detailed troubleshooting of security platforms.
• Experience using Linux command-line tools for security testing, data analysis, and automation/remediation.
• Ability to rapidly learn new tools and techniques with minimal supervision.
• Authorized to work in the United States or Canada.

Nice-to-Have:

• Familiarity with MDR (Managed Detection and Response) service delivery models and previous customer-facing experience in consulting or managed services.
• Familiarity with Python libraries such as Pandas, Requests, and other data science libraries.
• Experience with CNAPP/CSPM tools such as Wiz, Orca, or their open-source equivalents.
• Experience creating, reviewing, and improving AI prompts and guidance for agentic workflows that require human feedback.
• Experience in a product-focused environment, such as QA for security tools or providing structured feedback to engineering teams.
• Experience assisting with detection engineering practices, rule testing, tuning, and reducing false positives.
• Experience using AI agents and LLMs to analyze and improve security outcomes.
• Experience with "Detection as Code" principles or managing security content via CI/CD pipelines.
• Fluency with git and knowledge of development workflows.

Ready to shape the future of cloud and data for some of the most exciting companies in the world?
Apply today and bring your expertise to Bespin Global.

[]