The Company
Moelis & Company is a leading global independent investment bank that provides innovative strategic advice and solutions to a diverse client base, including corporations, governments, and financial sponsors.
The company assists its clients in achieving their strategic goals by offering comprehensive integrated financial advisory services across all major industry sectors.
Moelis & Company’s experienced professionals advise clients on their most critical decisions, including mergers and acquisitions, recapitalizations and restructurings, capital markets transactions, and other corporate finance matters.
The firm serves its clients from 21 locations in the Americas, Europe, the Middle East, Asia, and Australia.
For further information, please visit: Moelis or follow us on Twitter @Moelis.
The Opportunity
We are seeking a talented and motivated Vice President, Security Analytics to join the Moelis security team.
This person will own investigation of incidents, drive triage escalation, and improve capabilities through data analysis and automation. S/he will guide MSSP performance and drive advanced detection, automation, and response capabilities. The role emphasizes critical thinking, analytical reasoning, and hands-on scripting to enhance SOC efficiency and detection quality, improving SOC maturity, detection fidelity, and operational scalability.
Reporting To: Joseph McGinty
Director, Security Analytics & Governance
Location:
The ideal candidate will be located in the New York City metro area (NY / NJ / CT).
This is a hybrid role, splitting time between remote work and 2-3 days per week in Moelis’ Midtown Manhattan office.
Responsibilities:
SOC Operations & MSSP Oversight
Oversee alert triage and incident handling across SIEM, EDR, identity, and cloud platforms, ensuring quality and consistency
Act as the internal escalation point for MSSP-generated alerts
Provide direction and feedback to MSSP to improve alert quality and response consistency
Validate MSSP findings and ensure appropriate prioritization and remediation
Incident Investigation & Response
Lead complex, high-impact incident investigations across endpoint detection, identity, cloud, and network domains
Serve as the senior escalation point for major incidents
Correlate data across multiple sources to determine root cause and scope
Document incidents with clear timelines, impact assessments, and recommendations
Security Analytics & Detection Engineering
Analyze logs and datasets to identify detection gaps and improve signal quality
Drive detection strategy, including prioritization, tuning, and measurable reduction of false positives and gaps
Develop and maintain detection use cases aligned to threat frameworks (e.g., MITRE ATT&CK)
Design, test, and deploy new detection rules and analytics based on emerging threats and internal findings
Define and track detection coverage metrics and maturity, ensuring alignment with broader threat modeling and business risk
Automation & Engineering (Required)
Architect and oversee the automation strategy (Python, PowerShell, APIs) to scale triage, enrichment and response workflows
Integrate tools and APIs to streamline SOC processes
Improve case management workflows and response playbooks through automation
Drive the adoption of SOAR and/or AI-assisted workflows where appropriate
Continuous Improvement
Propose and implement improvements to monitoring coverage and response processes
Contribute to playbooks, runbooks, and detection standards
Participate in threat hunting and simulation exercises
Partner with senior security leadership to align SOC capabilities with enterprise risk priorities
The Candidate
Required Skills and Characteristics:
Critical Thinking (Primary Evaluation Criterion):
Ability to analyze incomplete or ambiguous data and form defensible conclusions
Strong hypothesis-driven investigation approach
Demonstrated problem-solving in technical or analytical contexts
Ability to translate ambiguous threat signals into actionable detection & response strategies
Technical Skills
Hands-on experience with scripting (Python, PowerShell, or similar), including production-level implementations
Familiarity with SIEM, EDR, and log analysis
Understanding of common attack techniques and investigation methods
Analytical Skills
Ability to identify patterns and anomalies across datasets
Experience working with structured or semi-structured data
Experience defining metrics and KPIs to measure detection efficacy and SOC performance
Communication
Clear, concise incident documentation
Ability to challenge and validate MSSP outputs constructively
Ability to communicate effectively with cross-functional stakeholders and non-technical peers and leaders
Nice to Have
Experience building detection rules or analytics (Splunk, Sentinel, Elastic, etc.)
SQL or data querying experience
Exposure to AI/ML-assisted security workflows or automation tools
Threat hunting experience
Education and Experience:
5-10+ years in cybersecurity, IT, or analytical roles, ideally with significant experience in SOC, detection engineering, or security analytics
Bachelor’s degree or equivalent practical experience
What Success Looks Like (6-12 Months):
Partners with peers to establish a high-performing SOC operating model with measurable improvements in alert quality and response times
Identifies and implements measurable detection or automation improvements
Reduces false positives or improves alert fidelity
Effectively challenges and improves MSSP outputs
Builds automation that reduces manual SOC workload
Improves KPIs and reporting that demonstrate better detection coverage and reduced risk exposure
Moelis & Company is an Equal Opportunity Employer. Applicants are considered for employment opportunities without regard to race, age, religion, color, sex (including pregnancy and gender identity), parental status, national origin, marital status, veteran status, sexual orientation, political affiliation, citizenship status, genetic information (including family medical history), disability (in compliance with the Americans with Disabilities Act and any other applicable law), or any other characteristic or status protected under any applicable US, state or other law. This policy applies to all terms and conditions of employment, including recruitment and hiring, appraisal systems, promotions, and training.