We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
New

Information Security Risk Analyst

Lam Research
United States, Oregon, Tualatin
Jul 07, 2026
Job Summary

The Cyber Threat Analytics Analyst is responsible for identifying, developing, and improving the organization's ability to detect malicious behavior, suspicious activity, and security anomalies across the enterprise. This role is part Information Security team focused on bringing detection development, threat analysis operationalization, SIEM correlation, behavioral analytics, and AI-assisted threat detection capabilities into the organization.The analyst will work closely with Security Operations, Incident Response, and Vulnerability Management teams to improve detection coverage, reduce false positives, and identify threats that may bypass traditional controls.

Job Responsibilities
  • Develop, test, tune, and maintain SIEM detection rules, log correlation searches, alerts, dashboards, and analytics.
  • Translate threat intelligence, adversary tactics, and emerging attack trends into actionable detections.
  • Build and improve analytics to identify malicious behavior, compromised accounts, lateral movement, and anomalous activity.
  • Use AI-driven analytics, UEBA, and behavioral baselining to identify activity that deviates from normal user, endpoint, network, cloud, and application behavior.
  • Map detection content to MITRE ATT&CK tactics and techniques to identify coverage strengths and gaps.
  • Partner with SOC analysts to improve alert triage, investigation playbooks, enrichment, and escalation criteria.
  • Support Incident Response during active investigations by analyzing logs, identifying patterns, and developing new detections from lessons learned.
  • Identify gaps in logging, telemetry, and visibility and recommend improvements to security monitoring coverage.
  • Document detection logic, assumptions, data sources, expected behavior, response guidance, and tuning decisions.
  • Track detection effectiveness, alert fidelity, false positive rates, detection coverage, and time-to-detect improvements.
Who We're Looking For

We are looking for an analytical and curious cybersecurity professional who enjoys finding patterns in large volumes of security data. The ideal candidate understands how attackers operate, how enterprise systems generate security telemetry, and how to turn threat intelligence into meaningful detections.The right person for this role should be comfortable working across SIEM data, endpoint telemetry, identity logs, cloud activity, email security events, network data, and behavioral analytics platforms. They should be able to think like an attacker, understand normal business behavior, and identify signals that indicate suspicious or malicious activity.

Strong candidates will have experience in one or more of the following areas:

  • Security Operations Center analysis
  • Threat hunting
  • SIEM rule development
  • Threat intelligence analysis
  • Incident response
  • Detection tuning
  • Behavioral analytics or UEBA
  • Cloud, endpoint, identity, or network security monitoring
Preferred Qualifications
  • Experience with SIEM platforms such as Microsoft Sentinel, Splunk, Exabeam, Securonix, or similar tools.
  • Experience writing detection queries using KQL, SPL, SQL, or similar query languages.
  • Familiarity with Microsoft Defender XDR, Defender for Endpoint, Defender for Identity, Microsoft Sentinel, Entra ID, or similar security platforms.
  • Understanding of MITRE ATT&CK and common adversary tactics, techniques, and procedures.
  • Experience using threat intelligence to create detections and threat hunting hypotheses.
  • Experience with AI-assisted analytics, UEBA, anomaly detection, or behavioral baselining.
  • Familiarity with cloud security monitoring across Azure, AWS, or Google Cloud.
  • Ability to analyze logs from identity systems, endpoints, firewalls, proxies, email gateways, SaaS applications, and cloud platforms.
  • Experience documenting detection logic, investigation steps, and response guidance.
  • Scripting or automation experience with Python, PowerShell, Logic Apps, or similar tools.
  • Familiarity with MISP, STIX/TAXII, threat intelligence feeds, or indicator management.
  • Certifications such as GCIH, GCIA, GCDA, GMON, GCTI, GCFA, Security+, CySA+, CISSP, or equivalent experience.
Our commitment

We believe it is important for every person to feel valued, included, and empowered to achieve their full potential. By bringing unique individuals and viewpoints together, we achieve extraordinary results.

Lam Research ("Lam" or the "Company") is an equal opportunity employer. Lam is committed to and reaffirms support of equal opportunity in employment and non-discrimination in employment policies, practices and procedures on the basis of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex (including pregnancy, childbirth and related medical conditions), gender, gender identity, gender expression, age, sexual orientation, or military and veteran status or any other category protected by applicable federal, state, or local laws. It is the Company's intention to comply with all applicable laws and regulations. Company policy prohibits unlawful discrimination against applicants or employees.

Lam offers a variety of work location models based on the needs of each role. Our hybrid roles combine the benefits of on-site collaboration with colleagues and the flexibility to work remotely and fall into two categories - On-site Flex and Virtual Flex. 'On-site Flex' you'll work 3+ days per week on-site at a Lam or customer/supplier location, with the opportunity to work remotely for the balance of the week. 'Virtual Flex' you'll work 1-2 days per week on-site at a Lam or customer/supplier location, and remotely the rest of the time.

Our Perks and Benefits

At Lam, our people make amazing things possible. That's why we invest in you throughout the phases of your life with a comprehensive set of outstanding benefits.

>
Applied = 0

(web-77cf7d65c7-jdxdg)