commvault logo

Security Operations Analyst (Remote - USA East)

commvault United States


No Relocation

Posted: July 7, 2026

Job Description

The Opportunity

Commvault is seeking a Security Operations Analyst to join our Cybersecurity team to help support our Security Operations capabilities. This role is ideal for a hands-on SOC professional who can investigate security alerts, coordinate incident response activities, and contribute to operational improvement efforts across a complex enterprise environment.

The Security Operations Analyst will work closely with teams including Security Engineering, Threat and Vulnerability Management, Networking, Infrastructure, Identity, and IT Operations.

What You'll Do...

  • Investigate security alerts using tools such as CrowdStrike Falcon Suite, Microsoft Sentinel, endpoint telemetry, identity logs, network data, and cloud security sources.
  • Perform alert triage and analysis to determine the scope, severity, and potential impact of security events.
  • Support incident response activities, including investigation, containment, remediation, recovery, and post-incident documentation.
  • Participate in rotational on-call escalation coverage for higher-priority security events outside normal business hours, as needed.
  • Write clear incident reports, investigation summaries, timelines, findings, and recommended improvements.
  • Support selected SOC projects focused on improving detection quality, workflows, playbooks, reporting, automation, and response readiness.
  • Participate in regular security operations reviews and collaborate with cross-functional teams, including Security Engineering, Threat and Vulnerability Management, Networking, Infrastructure, Identity, and IT Operations.

Who You Are...

  • 2-4 years of cybersecurity experience, including hands-on SOC experience.
  • Experience investigating security alerts, performing triage, documenting findings, and supporting incident response.
  • Hands-on experience with CrowdStrike Falcon Suite.
  • Experience with Microsoft Sentinel or similar SIEM technology.
  • Experience supporting hybrid Active Directory and Microsoft Entra ID environments.
  • Understanding of common attack techniques, including phishing, credential compromise, malware execution, lateral movement, privilege escalation, and data exfiltration.
  • Ability to analyze endpoint, identity, network, cloud, and SIEM telemetry to determine scope, severity, and business impact.
  • Strong written and verbal communication skills, including the ability to brief technical findings and drive follow-up across teams.

Preferred Qualifications

  • Security+, GIAC certifications, or other relevant cybersecurity credentials.
  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
  • Experience with threat hunting, detection engineering, malware analysis, or digital forensics.
  • Familiarity with KQL, PowerShell, Python, MITRE ATT&CK, or incident response frameworks.
  • Experience improving SOC processes, playbooks, metrics, or detection and response workflows.

You'll Love Working Here Because...

  • Continuous professional development and training
  • Clear career growth and advancement opportunities
  • Inclusive company culture
  • Comprehensive benefits package

#LI-PK1

#LI-Remote

Additional Content

The Opportunity

Commvault is seeking a Security Operations Analyst to join our Cybersecurity team to help support our Security Operations capabilities. This role is ideal for a hands-on SOC professional who can investigate security alerts, coordinate incident response activities, and contribute to operational improvement efforts across a complex enterprise environment.

The Security Operations Analyst will work closely with teams including Security Engineering, Threat and Vulnerability Management, Networking, Infrastructure, Identity, and IT Operations.

What You'll Do...

  • Investigate security alerts using tools such as CrowdStrike Falcon Suite, Microsoft Sentinel, endpoint telemetry, identity logs, network data, and cloud security sources.
  • Perform alert triage and analysis to determine the scope, severity, and potential impact of security events.
  • Support incident response activities, including investigation, containment, remediation, recovery, and post-incident documentation.
  • Participate in rotational on-call escalation coverage for higher-priority security events outside normal business hours, as needed.
  • Write clear incident reports, investigation summaries, timelines, findings, and recommended improvements.
  • Support selected SOC projects focused on improving detection quality, workflows, playbooks, reporting, automation, and response readiness.
  • Participate in regular security operations reviews and collaborate with cross-functional teams, including Security Engineering, Threat and Vulnerability Management, Networking, Infrastructure, Identity, and IT Operations.

Who You Are...

  • 2-4 years of cybersecurity experience, including hands-on SOC experience.
  • Experience investigating security alerts, performing triage, documenting findings, and supporting incident response.
  • Hands-on experience with CrowdStrike Falcon Suite.
  • Experience with Microsoft Sentinel or similar SIEM technology.
  • Experience supporting hybrid Active Directory and Microsoft Entra ID environments.
  • Understanding of common attack techniques, including phishing, credential compromise, malware execution, lateral movement, privilege escalation, and data exfiltration.
  • Ability to analyze endpoint, identity, network, cloud, and SIEM telemetry to determine scope, severity, and business impact.
  • Strong written and verbal communication skills, including the ability to brief technical findings and drive follow-up across teams.

Preferred Qualifications

  • Security+, GIAC certifications, or other relevant cybersecurity credentials.
  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
  • Experience with threat hunting, detection engineering, malware analysis, or digital forensics.
  • Familiarity with KQL, PowerShell, Python, MITRE ATT&CK, or incident response frameworks.
  • Experience improving SOC processes, playbooks, metrics, or detection and response workflows.

You'll Love Working Here Because...

  • Continuous professional development and training
  • Clear career growth and advancement opportunities
  • Inclusive company culture
  • Comprehensive benefits package

#LI-PK1

#LI-Remote