Sr. Cybersecurity Operations Analyst

Join Atlas Air Worldwide. Move the World with Us!

At Atlas Air Worldwide, we’re not just an airline, we’re a global engine powering cargo, passenger, and leasing operations across more than 70 countries. As a leader in outsourced aviation logistics, we’re built on a foundation of safety, service excellence, integrity, innovation, teamwork, and responsibility. With over 30 years of history, a modern all-Boeing fleet, and nearly 5,000 teammates collaborating across operations, technical, and corporate functions, we’re driven by purpose.

If you're ready to grow, innovate, and help us deliver excellence every single day, you belong here.

This position is responsible for cybersecurity operations and defense including threat assessment, incident handling, and managing vulnerabilities against Atlas Air Global Technology environment.

Values and Behavioral Standards: To ensure the effective communication and application of company values and behavioral standards, as stated in our company “Code of Conduct” policy, and to respond appropriately in the event of any known departure.

Major Job Responsibilities:

This position will be responsible for security event monitoring, vulnerability assessments, web application penetration tests, integrity checking, and maintaining necessary standards & controls, and procedures. Here is what you will do:

Cyber Defense

Design, implement, and leverage advanced detections using SIEM and SOAR technology

Develop innovative custom detection rules and automated remediation, playbooks, and alerts tailored to the organization's threat landscape for enterprise and customer security.

Leverage industry standard MITRE frameworks to identify detection coverage and address gaps.

Evaluate, validate, tune, and sunset detection capabilities to optimize Alert to Incident ratio

Maintains operational playbooks and workbooks to improve security detection and response

Participate directly in the security incident response process and effectively contribute to the containment and eradication of threats and recovery of technology from cybersecurity incidents.

Monitor multiple sources of incident reporting (mailboxes, hotlines, external sources) and optimize response times through automated routines

Propose and define new SIEM content and monitoring use cases as needed upon emergence of new applications, threats, and policies.

Monitor and resolve security alerts from the SIEM and other security systems, as well as those escalated by the MSV providing SOC services, for potential threats and compliance issues.

Improve detection systems for performance, scalability, and cost effectiveness.

Threat/Vulnerability Management

Conduct threat modeling to proactively identify and address security risks before exploitation.

Perform security evaluations on hybrid cloud environment and recommend prioritized actions

Perform attack simulation testing to validate efficacy of use cases and purple teaming exercise

Monitor industry security advisories and prioritize advancing threats and recommend mitigations

Coordinate with System Operations on vulnerability patching cycles to reduce mean time to remediate significant vulnerabilities

Guide the organization on security best practices and promote a security minded company culture

Qualifications:

5+ years’ experience in Security Operations or related IT operational roles.

Hands‑on experience with relevant Technology Environment and Security Tooling including:

Security monitoring and incident response (Microsoft Defender and Sentinel)

Vulnerability management tools and processes (Tenable, Burpsuite, CSPM, Managed Engine)

Endpoint, network, and identity security controls (Defender, Cisco, Citrix, Palo Alto)

Microsoft Windows Administration (AD/Azure AD, Entra ID, Exchange, Sharepoint, etc.)

Cloud security operations (AWS, GCP, Azure, O365)

Windows and Linux operating systems

Demonstratable experience with analyzing security events, effectively identifying suspicious activity, and handling incidents, effectively responding to threats in a hybrid environment

Working knowledge of common attack techniques targeting multi-national organizations and aviation and translating to TTP from MITRE ATT&CKS.

Experience developing detection logic and threat hunting queries using Microsoft KQL, or similar query languages

Deep understanding of applicable security requirements for DISA STIG, Cloud Security Requirements Guide, and CIS Benchmarks and ability to effectively advise in tailoring for specific business needs.

Ability to work effectively in a government regulated organization including familiarity with NIST 800-53 Revision 5 and Capability Maturity Model

CISSP or GIAC (GSEC, GCIA, GCFA, GCIH, GCWN) or similar certification strongly desired.

Ability to work overtime during critical peaks, be available to meet last minute requests for overtime

Ability to work both independently and as part of a team in a dynamic environment

Ability to obtain Microsoft Security Operations Analyst Certification SC-200 within one year of hire

Ability to acquire and maintain Top Secret or Secret clearance as required

S. Degree in Computer Science or related field.

Competitive compensation will be offered based on a variety of factors, including a candidate's experience, skills, education, geographic location, internal equity and other factors. In addition, a range of benefits to include medical, dental and vision insurance, employee assistance program, as well as generous paid time off, and 401K contributions are offered as a part of the total compensation package.

Pay Range

$135,500 - $183,000 USD

At Atlas Air Worldwide, we believe in the power of people, the promise of innovation, and the responsibility we hold to each other, to our customers, and to the planet. Join us and be part of a team that lifts more than cargo; we lift ambition.