Frontier Airlines

Lead - Cybersecurity Operations Job at Frontier Airlines in Denver

Frontier Airlines, Denver, CO, United States, 80285

Overview

Lead Analyst, Cybersecurity Operations – Frontier Airlines

What Will You Be Doing?

The Lead Analyst, Cybersecurity Operations will be part of the Cybersecurity team that analyzes, implements, monitors, troubleshoots, and audits the cybersecurity of the Frontier network infrastructure. The Lead Analyst provides timely and comprehensive updates to the Sr. Manager of Cybersecurity Operations on threat intelligence, detection, monitoring, threat hunting, and incident response. The scope includes system-monitoring platforms, anti-virus, DLP, URL filtering, PCI environments, and any new tools introduced to the network. The Lead Analyst will oversee the onshore SOC team and is responsible for the Vulnerability Management program, meeting SLA benchmarks, tool collection and performance metrics, maintaining SOPs and playbooks, incident response, digital forensics, and supporting remediation efforts on applications/systems. The Lead onshore analyst will coordinate daily handover reports, threat intelligence alerts status, vulnerability management progress, escalation to Level 2, and daily standups with offshore and onshore teams. Regular meetings with the Sr. Manager of Cybersecurity Operations to review ServiceNow tickets, projects, tool audits, known exploited vulnerabilities, and other high-priority issues occur multiple times per week.

Essential Functions

  • Monitor, investigate, analyze, respond, and report cyber incidents identified through detection/response platforms.
  • Lead support to Management in detecting and responding to cybersecurity alerts and incidents.
  • Engage and escalate incidents to Cyber Operations Management and other Cyber Incident Response Team members.
  • Support incident response activities and training exercises and act as the lead incident response analyst.
  • Drive risk reduction for known vulnerabilities and indicators of compromise.
  • Monitor security threats and risks, perform in-depth incident analysis, evaluate incidents, conduct proactive threat research, and recommend mitigations.
  • Evaluate cybersecurity violations through examination of logs, OSINT, vulnerability data, and user reports.
  • Conduct investigations and evaluations of projects to determine cybersecurity risk and feasibility.
  • Administer, maintain, tune, and perform health checks on cybersecurity products and services (e.g., secure mail gateway, SIEM, EDR, vulnerability management, DLP, UEBA, etc.).
  • Provide and implement recommendations for new technical controls to mitigate vulnerabilities.
  • Lead the vulnerability management program, including weekly stakeholder meetings, ticket tracking, SLA adherence, and weekly reporting to the Sr. Manager of Cybersecurity.
  • Perform threat hunting to detect cyber threats in the environment.
  • Coordinate support for purple, red, and blue team engagements.
  • Provide cybersecurity technical assistance to system/application owners.
  • Support day-to-day cybersecurity tasks and projects; provide status updates to Management.
  • Draft and maintain SOPs; support Security Awareness Training efforts and phishing campaigns.
  • Support vulnerability assessments (e.g., pen testing, static/dynamic testing, scorecard assessments).
  • Participate in after-hours/on-call rotation for incidents.
  • Develop, monitor, and track cybersecurity metrics and prepare slide decks for presentations.
  • Coordinate response and remediation across departments; maintain Incident Response documentation and verify contact information periodically.
  • Attend vendor meetings and act as the contact for cybersecurity vendors.
  • Provide leadership and training to Analysts and Senior Analysts; onboard new analysts.
  • Provide support to management as needed.

Qualifications

  • Bachelor’s degree in computer science, technology, or equivalent experience (required).
  • 6+ years of relevant IT/Cybersecurity experience (required).
  • 3+ years in a Supervisor or Lead Analyst role (required).
  • 5+ years in security operations with enterprise cybersecurity products (required).
  • 5+ years of SIEM experience (required).
  • 4+ years supporting MITRE ATT&CK framework-based activities (required).
  • Knowledge of ISO 27001, NIST CSF, NIST 800-53, PCI DSS ASV (highly desired).
  • Hands-on experience with PowerShell, vulnerability management, Wireshark, NMAP (required).
  • Industry cybersecurity certification (e.g., Security+, Pentest+, CEH, CISSP, CISA/CISM, GCIH/GSEC, CCNA) or willingness to attain within 3 months of start date (required).
  • Hands-on Cloud security remediation experience (Azure/AWS/GCP; Defender) (required).
  • Experience with next-gen EDR, enterprise firewall, IPS, log management, Cisco/Check Point (required).
  • URL filtering/web proxy troubleshooting experience (desirable).
  • OSINT and digital forensics knowledge for threat hunting.
  • Ability to create presentations and provide metrics; drive risk reduction quarter-over-quarter.
  • Proactively identify hardening opportunities and coordinate deployments with supporting teams.

Knowledge, Skills and Abilities

  • Ability to understand and communicate industry trends and vulnerabilities and their impact on the organization.
  • Strong troubleshooting and management of security components.
  • Solid understanding of attacker techniques, threat intelligence, risk management, and MITRE ATT&CK principles.
  • Knowledge of risk assessment tools, technologies, and methodologies.
  • Broad knowledge of enterprise security systems and devices; penetration testing and remediation.
  • Design and implement cybersecurity controls; estimate work and deliver projects on time.
  • Proficiency in network traffic and packet analysis; ability to coordinate multiple tasks.
  • Strong written and verbal communication; ability to collaborate across teams.
  • Willingness to work >40 hours, some weekends, and after-hours on-call.
  • Ability to learn new systems quickly and work independently or with a team.
  • Proactively identify gaps and deploy solutions; create roadmaps aligned with Cyber Operations goals.

Work Environment and Other Details

  • Work follows a 3 days in-office / 2 days remote arrangement (subject to change); on-call after hours and weekends required.
  • Physical: light exertion up to 20 pounds occasionally and up to 10 pounds frequently.
  • Supervision: general direction; minimal day-to-day instruction.
  • Salary Range: $110,114 - $146,157.
  • Posting closing date: on or before midnight 12/30/25 MT.
  • Workplace policies and equal opportunity employer statements apply as noted in the original posting.