Cybersecurity Analyst

Graco manufactures and markets premium equipment to move, measure, control, dispense and spray a wide variety of fluid and powder materials. What does that mean? Well, we pump peanut butter into your jar, and the oil in your car. We glue the soles of your shoes, the glass in your windows and the screen on your phone. We spray the finish on your vehicle, coatings on your pills, the paint on your house and texture on your walls. Graco is part of your daily life.

This role is currently based at our Minneapolis office and will transition to our new headquarters in Dayton, MN, in 2027.

The Security Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats across enterprise environments. This role will operate at the intersection of security operations, incident response, automation, and security data analytics, leveraging modern SIEM, SOAR, XDR, and MDR platforms.

The analyst will work closely with SOC, cloud, IAM, and engineering teams to improve detection fidelity, accelerate response, and reduce operational risk through automation and AI‑assisted security operations.

What You Will Do at Graco

Security Operations & Incident Response

• Monitor and triage security alerts from SIEM, XDR, EDR, and MDR platforms
• Perform incident investigation, containment, eradication, and recovery
• Conduct root cause analysis and document incidents, lessons learned, and response improvements
• Support 24x7 SOC operations (on‑call or rotational as required)

Security Analytics & Detection Engineering

• Develop, tune, and maintain SIEM detection rules, analytics, and dashboards
• Perform security data analysis across logs, telemetry, and threat intelligence sources
• Correlate data across endpoints, identities, networks, cloud workloads, and applications
• Improve signal‑to‑noise ratio and reduce false positives

SOAR, Automation & AI‑Driven Security

• Design, implement, and optimize SOAR playbooks for alert triage and response

• Support SOC automation initiatives to reduce manual effort and MTTR

• Leverage AI‑powered security assistants (e.g., Microsoft Copilot for Security or other GenAI tools) to:

• Accelerate investigations

• Summarize incidents

• Enhance analyst productivity

• Contribute to adoption of AI‑driven SIEM/XDR capabilities (added plus)

Forensics & Threat Investigation

• Perform endpoint, identity, email, and cloud forensics
• Analyze malware, phishing, and account compromise scenarios
• Partner with Threat Intelligence teams to track adversary techniques (MITRE ATT&CK)

Collaboration & Continuous Improvement

• Work with IAM, Cloud Security, Network, and Application Security teams
• Support continuous improvement of SOC processes, runbooks, and metrics
• Participate in purple team exercises, tabletop simulations, and post‑incident reviews

What You Will Bring to Graco

• Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience)

• 3+ years of experience in Security Operations / SOC / Incident Response

• Hands‑on experience with:

• SIEM platforms (log ingestion, correlation, alerting)

• SOAR platforms (playbooks, automation)

• Incident Response & Digital Forensics

• Strong hands‑on experience with Microsoft Defender ecosystem:

• Defender for Endpoint

• Defender for Office 365

• Defender for Identity

• Defender for Cloud Apps

• Defender for Cloud

• Experience with Microsoft Sentinel (analytics rules, KQL, workbooks, automation)

• Experience with one or more Managed Detection & Response (MDR) / XDR platforms, such as:

• CrowdStrike

• Rapid7

• Arctic Wolf

• or similar enterprise MDR/XDR solutions

• Solid understanding of:

• Identity & Access Management (IAM)

• Cloud Security

• Endpoint & Email Security

• Threat Detection & Response

Accelerators

• Experience with AI‑driven security operations, including:

• Copilot for Security

• GenAI‑powered SOC tools

• AI‑assisted investigation and response

• Experience with cloud platforms:

• AWS, OCI, Azure, or GCP

• Familiarity with XDR‑native SIEM platforms

• Scripting or automation experience:

• Python, PowerShell, KQL, REST APIs

• Experience with MITRE ATT&CK, NIST CSF, or similar frameworks

• Relevant certifications:

• SC‑200, SC‑100

• GCED / GCIH / GCIA

• AZ‑500, AWS Security Specialty

• CrowdStrike, Rapid7, or Sentinel certifications

Applicants must be legally authorized to work in the United States. This role is not eligible for immigration sponsorship now or in the future (e.g., H-1B, TN, F-1 OPT).

At Graco, you truly make a difference. Your unique talents contribute to our organizational growth and future. Not only do you make a difference, but Graco's culture empowers employees to create their own career path. Whether you choose to advance within your current department or explore new opportunities in different divisions, you have the ability to build your future. Our managers are here to provide support and guidance as you continue to grow within your career.

Graco has excellent opportunities available to individuals who want to be part of a fast-moving, growing company that is committed to quality, innovation and solving fluid handling problems for our customers. Graco is proud to be named a Best Place to Work by Fortune Magazine in 2016, 2018, 2019, 2021 & 2022. Graco offers attractive compensation, benefits and career development opportunities. Graco's comprehensive benefits include medical, dental, stock purchase plan, 401(k), tuition reimbursement and more.

Our company uses E-Verify to confirm the employment and eligibility of all newly hired employees. To learn more about E-Verify, including your rights and responsibilities, please visit www.dhs.gov/E-Verify.

The base pay range for this position is listed below, exclusive of fringe benefits or other compensation. If you are hired, your final base hourly rate will be determined based on factors such as geographic location, skills, competencies, education, and/or experience. In addition to those factors, we will also consider internal equity of our current employees. Please keep in mind that the range provided is the full base salary range for the role. Hiring at or near the maximum of the range would not be typical to allow for future and continued salary growth.

$64,600.00 - $113,100.00