Apply for this job now

IT Security Analyst IV

Glendale, Arizona
Job Type
7 Sep 2022

CSAA Insurance Group (CSAA IG), a AAA insurer, is one of the top personal lines property and casualty insurance groups in the U.S. Our employees proudly live our core beliefs and fulfill our enduring purpose to help members prevent, prepare for and recover from life's uncertainties, and we're proud of the culture we create together. As we commit to progress over perfection, we recognize that every day is an opportunity to be innovative and adaptable. At CSAA IG, we hire good people for a brighter tomorrow. We are actively hiring for an IT Security Analyst IV! Join us and support CSAA IG in achieving our goals.

Your Role: The CSAA Cyber Defense Services Team is responsible for developing actionable intelligence on advanced cyber threats to our services and our customers. We collect indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of high-grade actors and their tools, techniques, and procedures. We then bring to bear that understanding to purposefully identify and mitigate malicious activity.

Your work:
  • The Threat Intel Engineer will consolidate comprehensive analytical intelligence information to enhance security operations teams understanding of and response to threats, gaps, and vulnerabilities

  • Independent collection, analysis, and production of actionable threat intelligence

  • Collecting information and conducting technical analysis to develop intelligence

  • Monitor and analyze the cyber threat landscape in order to identify external and emerging cyber threats

  • Conduct analysis on threat information to identify current impact and identify potential mitigations

  • Maintain awareness of global threat landscape and review sophisticated, technical threat data, enrich it with contextual information and produce in finished intelligence for stakeholder consumption

  • Regularly collaborate with its partners across security operations units to respond to incidents and aid in investigation, to improve overall threat detection and response

  • Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats

  • Periodic on-call responsibilities

The successful individual will be required to analyze indicators to generate actionable intelligence and insight into current threats. They will help enhance our capabilities by formulating new analytic techniques and working across teams to drive the supporting capabilities. A deep understanding of current APT actors and TTPs as well as experience performing question driven analysis is required. Candidates should have a solid grasp of network and host-based indicators and how to best use them. They should be able to script and help automate recurring tasks to improve the overall effectiveness of the team. An understanding of operating systems internals will be an asset.

What would make us excited about you?

  • Deep technical experience and familiarity with various techniques of cyber-attacks, MITRE Att&ck framework

  • Experience supporting incident response and/or investigations

  • Experience reviewing and assessing logs for anomalous activity

  • Knowledge and ability to identify threat actor attack methods and track their developments

  • Solid experience conveying complex information in simple, succinct explanations

  • Support incident response and threat hunting activities to include providing intelligence context, analysis support, industry expertise, and recommendations around remediation and countermeasures

  • Evaluate new intelligence sources and make recommendations for improvements and new sources

  • Exceptional attention to detail

  • Splunk ES (Security)

  • Splunk UBA

  • Splunk Phantom

  • Cloud

  • Python coding experience

  • Endpoint Protection

  • Correlation rule development

  • SPL - search processing language

  • Understanding of basic network, platform, and authentication technologies such as LDAP and TCPIP

  • Able to work with a changing schedule that includes standard or non-standard business hours of work

  • Solid grasp and technical expertise in security architecture

  • BS degree in Computer Science, MIS, Computer Engineering, or 8+ years equivalent technology experience

  • 6+ years of experience with tracking APT groups and other high-grade threats

  • 6+ years of experience in system, network, and/or application security

  • 6+ years of experience building automation

  • 6+ Years demonstrated ability with SQL or other query languages

  • Shows respect for differences through good communication skills with people from an array of backgrounds.

Preferred Qualifications:
  • GCIH Certification

  • Confidence can sometimes hold us back from applying for a job. But we'll let you in on a secret: there's no such thing as a 'perfect' candidate. CSAA IG is a place where everyone can grow. So, however you identify and whatever background you bring with you, please apply if you meet most of the requirements (not all) and this is a role that would make you excited to come to work every day.

CSAA IG Careers

At CSAA IG, we're proudly devoted to protecting our customers, our employees, our communities, and the world at large. We are on a climate journey to continue to do better for our people, our business, and our planet. Taking bold action and leading by example. We are citizens for a changing world, and we continually change to meet it.

Join us if you

  • BELIEVE in a mission focused on building a community of service, rooted in inclusion and belonging.

  • COMMIT to being there for our customers and employees.

  • CREATE a sense of purpose that serves the greater good through innovation.

Recognition: We offer a total compensation package, performance bonus, 401(k) with a company match, and so much more! Read more about what we offer and what it is like to be a part of our dynamic team at: Benefits (

In most cases, you will have the opportunity to choose your preferred working location from the following options when you join CSAA IG: remote, hybrid, or in-person. Submit your application to be considered. We communicate via email, so check your inbox and/or your spam folder to ensure you don't miss important updates from us. If a reasonable accommodation is needed to participate in the job application or interview process, please contact .

As part of our values, we are committed to supporting inclusion and diversity at CSAA IG. We actively celebrate colleagues' different abilities, sexual orientation, ethnicity, and gender. Everyone is welcome and supported in their development at all stages in their journey with us.

We are always recruiting, retaining, and promoting a diverse mix of colleagues who are representative of the U.S. workforce. The diversity of our team fosters a broad range of ideas and enables us to design and deliver a wide array of products to meet customers' evolving needs.

CSAA Insurance Group is an equal opportunity employer.

The national average salary range for this position is $119,250-$132,500. However, we have a location-based compensation structure. Our salary ranges vary and are calculated based on county of residence. The full salary range for this position across all the states we hire in is $107,280-$159,200 This role also includes an opportunity for a company-wide annual discretionary bonus, through our Annual Incentive Plan (AIP), of up to 10% of eligible pay.

If you apply and are selected to continue in the recruiting process, we will schedule a preliminary call with you to discuss the role and will disclose during that call the available salary/hourly rate range based on your location. Factors used to determine the actual salary offered may include location, experience, or education.

Please note we are hiring for this role remote anywhere in the United States with the exception of California, Hawaii and Alaska.

Must have authorization to work indefinitely in the US.

Apply for this job now


  • Job Reference: 706392327-2
  • Date Posted: 7 September 2022
  • Recruiter: CSAA Insurance Group
  • Location: Glendale, Arizona
  • Salary: On Application
  • Sector: I.T. & Communications
  • Job Type: Permanent