At Iron Mountain we know that work, when done well, makes a positive impact for our customers, our employees, and our planet. That’s why we need smart, committed people to join us. Whether you’re looking to start your career or make a change, talk to us and see how you can elevate the power of your work at Iron Mountain.
We provide expert, sustainable solutions in records and information management, digital transformation services, data centers, asset lifecycle management, and fine art storage, handling, and logistics. We proudly partner every day with our 225,000 customers around the world to preserve their invaluable artifacts, extract more from their inventory, and protect their data privacy in innovative and socially responsible ways.
Are you curious about being part of our growth story while evolving your skills in a culture that will welcome your unique contributions? If so, let's start the conversation.
Job Summary
Iron Mountain is seeking an experienced and driven Senior Security Operations Specialist to join our Global Information Security team.
In this role, you will be responsible for three core, non-negotiable areas: engineering, managing, and tuning our critical security platforms, including SIEM (Chronicle) and SOAR (Palo Alto XSOAR); developing and maintaining automated response playbooks to drastically reduce our Mean Time to Respond (MTTR) ; and building, refining, and maintaining custom threat detections to enhance enterprise visibility and threat hunting.
What You’ll Do
In this role, you will:
Security Platform Operations & Engineering: Manage, tune, and optimize critical security platforms including SIEM (Chronicle), SOAR (XSOAR), EDR (CrowdStrike), DLP (Cyberhaven), and Vulnerability Management (Tenable). Ensure high availability, consistent coverage, and proper logging across all security endpoints and cloud applications.
Automation & Response Development: Develop and maintain SOAR playbooks (XSOAR / Siemplify) to automate triage, enrichment, and response workflows. You will integrate multiple security tools into automated workflows to streamline incident handling and asset validation.
Threat Detection & Intelligence: Build, refine, and maintain custom detections, parsers, rules, and dashboards to enhance enterprise threat visibility. You will also analyze security telemetry to identify risks, anomalies, threat trends, and operational gaps.
Collaborate and Report: Investigate security alerts, correlate signals across tools, and guide containment, eradication, and recovery actions. Deliver clear security posture reporting and executive-ready insights tied to risk and business impact.
What You’ll Bring
The ideal candidate will have:
5–10 years of experience in Security Operations (SecOps), Security Operations Center (SOC), or Incident Response (IR) roles with extensive hands-on SIEM & SOAR engineering experience.
Strong, practical knowledge of the core enterprise security stack tools, including CrowdStrike, Cyberhaven, Axonius, Tenable, Chronicle, and Palo Alto XSOAR.
Deep understanding of log ingestion, detection engineering, threat hunting, and incident response workflows.
Proven ability to triage real-world threats and build scalable, automated response processes.
Working knowledge of automation scripting, with Python, PowerShell, and API integrations preferred.
Education: Bachelor’s degree in Computer Science, Cybersecurity, or a related field—or equivalent practical experience.
