Cyber Defense Analyst III

About Playlist

At Playlist, we believe life's richest moments happen when people step away from screens to move, connect, explore, and play. We are building the definitive platform for intentional living, connecting people with inspiring experiences in fitness, wellness, and beyond. Through popular brands like Mindbody and ClassPass, Playlist empowers businesses and individuals, making aspirations effortless actions. Join us in reshaping technology's role to foster meaningful, real-world connections.

Your Role: Cyber Defense Analyst III

The Cyber Defense Analyst III is a senior, intelligence-focused role dedicated to advancing Playlist's Cyber Threat Intelligence (CTI) and Threat Hunting capabilities. This position specializes in adversary-focused analysis, intelligence-driven hunting, and translating crucial threat insights into tangible improvements across detection, response, and risk management. The ideal candidate brings strong experience in security operations and incident response, enabling them to contextualize intelligence within real-world environments and support complex security incidents through expert analysis and advisory guidance. Success in this role requires a deep understanding of modern SaaS and cloud-based environments, strong analytical judgment, and the ability to synthesize complex threat data into actionable intelligence for both technical and non-technical audiences. You'll contribute to continuous improvement, helping Playlist achieve its mission: Powering the world’s fitness and wellness businesses and connecting them with more consumers, more effectively, than anyone else.

What You Will Do:

• Lead the development and execution of the Cyber Threat Intelligence (CTI) program, focusing on adversary tracking, emerging threats, and relevant campaigns.
• Continuously monitor the threat landscape, synthesizing intelligence from internal telemetry, commercial feeds, OSINT, and industry sharing communities.
• Produce actionable intelligence products (tactical, operational, and strategic) tailored for security operations, engineering, and leadership.
• Conduct hypothesis-driven threat hunting using intelligence-informed methodologies, documenting findings and recommending mitigations or detection improvements.
• Map adversary activity to MITRE ATT&CK and related frameworks to identify coverage gaps and prioritize defensive improvements.
• Correlate threat intelligence with security incidents and investigations to provide adversary context, likely next steps, and risk-based recommendations.
• Partner with Cyber Defense teams to translate intelligence and hunt findings into improved detections, alerts, and response playbooks.
• Maintain awareness of current security incidents and escalations to inform intelligence analysis and hunting priorities.
• Serve as an on-call escalation advisor during critical security incidents, providing threat intelligence, adversary analysis, and strategic guidance to incident response leadership.
• Develop and maintain documentation for intelligence workflows, hunting methodologies, and analytic tradecraft.
• Mentor analysts and engineers on intelligence consumption, ATT&CK usage, and adversary-focused thinking.

About the Right Team Member:

You are an experienced, self-motivated security professional passionate about leading and executing impactful, high-quality security initiatives. You understand that the best security is created through collaboration and iteration, and you seek an opportunity to expand your experience within the right team.

Required Experience:

• Broad and deep knowledge of cybersecurity principles, adversary behavior, and defensive best practices.
• 5–7 years of information security or technology experience, including 3+ years in a senior or advanced analyst role.
• Practical application of frameworks such as MITRE ATT&CK in enterprise environments.
• Experience with CTI methodologies and threat hunting frameworks (e.g., Sqrrl, TaHiTI, PEAK).
• Expertise analyzing threat data and identifying adversary tactics, techniques, and procedures (TTPs).
• Hands-on experience operating SIEM platforms (e.g., Google Chronicle, Splunk) and CTI solutions.
• Familiarity with automation and scripting (Python, Bash, PowerShell).
• Experience monitoring and securing cloud environments (AWS, Azure, GCP).
• Strong written and verbal communication skills, including executive-level summaries.
• Ability to balance security risk, operational impact, and business priorities.

Preferred Certifications:

• GIAC (GCIA, GCED, GCTI), CISSP, or comparable certifications strongly preferred.

Key skills/competency:

• Cyber Threat Intelligence (CTI)
• Threat Hunting
• Incident Response
• Adversary Analysis
• MITRE ATT&CK
• Cloud Security (AWS, Azure, GCP)
• SIEM Platforms (Chronicle, Splunk)
• Security Operations
• Python Scripting
• Risk Management