Senior Security Analyst

The Company You’ll Join Carta connects founders, investors, and limited partners through world‑class software, purpose‑built for everyone in venture capital, private equity and private credit. Trusted by 65,000+ companies in 160+ countries, Carta’s platform of software and services lays the groundwork so you can build, invest, and scale with confidence. Carta’s Fund Administration platform supports 9,000+ funds and SPVs, representing nearly $185B in assets under management, with tools designed to enhance the strategic impact of fund CFOs. Recognized by Fortune, Forbes, Fast Company, Inc. and Great Places to Work, Carta is shaping the future of private market infrastructure. Together, Carta is creating the end‑to‑end ERP platform for private markets. Traditional ERP solutions don’t work for Private Funds. Private capital markets need a comprehensive software solution to replace outdated spreadsheets and fragmented service providers. Carta’s software for the Office of the Fund CFO does just that – it’s a new category of software to make private markets look more like public markets – a connected ERP for private capital. For more information about our offices and culture, check out our Carta careers page. The Problems You’ll Solve At Carta, our employees set out on a mission to unlock the power of equity ownership for more people in more places. We believe that the problems we solve today unlock the opportunities of tomorrow. As a Senior Security Analyst, you’ll directly shape and strengthen our detection and response capabilities, help mature our security operations, and ultimately protect the organization from evolving threats. You’ll play a critical role in leading incidents, developing internal tools and playbooks, and reducing response times through automation and continuous improvement. You’ll serve as a point‑of‑contact for incidents and collaborate with stakeholders to shape the future of Carta’s security posture. Here are some problems we’d love for you to help us solve: Lead investigation and response efforts for security incidents, and coordinate with internal stakeholders and external partners when necessary. Own detection use‑case development and write and tune alerts to improve signal‑to‑noise ratio across our environments. Maintain and continually improve security incident response plans, playbooks, and related documentation. Apply Terraform to ensure consistent, secure, and scalable infrastructure deployment and detection pipelines. Develop and maintain internal tooling and automations to improve analyst efficiency for alert triage, IOC enrichment, and evidence collection. Elevate the Security team by coaching peers, mentoring junior analysts, and setting high standards for detection quality and incident handling. Own and execute technical security projects, including scoping, building, testing, deploying, and iterating. Conduct threat hunting and utilize threat intelligence to proactively identify and mitigate emerging risks. Participate in on‑call rotation and continuously improve readiness and handovers. The Team You’ll Work With You will be part of a security‑minded team that believes in progress over perfection and where security culture and mindset is key. Our team is rethinking how detection and response activities can be accomplished in innovative ways. We focus on solving business problems while minimizing and managing risk exposure for Carta. About You We’re looking for candidates who have: Deep experience in triaging, investigating, and remediating security events and incidents across multiple technology stacks. Strong experience with SIEM (e.g., Splunk, Panther, Sentinel), EDR (e.g. SentinelOne, CrowdStrike), and other security tooling (e.g., CASB, SSE, SWG). Working knowledge of Terraform and Infrastructure as Code principles to secure and scale detection/response infrastructure. Solid understanding and a proven ability to apply detection engineering and threat modeling concepts using MITRE ATT&CK or similar frameworks. Excellent judgement and the ability to handle ambiguity and make balanced decisions when working with complex situations. Demonstrated ability to mentor peers, raise technical standards, and influence team maturity. Proven ability to proactively collaborate with cross‑functional teams to influence security priorities and guide risk‑based decisions. Excellent written and verbal communication skills, including the ability to effectively communicate cybersecurity risk across technical and non‑technical audiences. 6+ years of experience in incident management, detection engineering, and security operations. At Carta, you’re not just an employee. You’re a builder who is creating infrastructure that accelerates innovation and empowers more ownership. Cartans are helpful, relentless, unconventional and kind; representing Carta’s Identity Traits. They work collaboratively and cross‑functionally to challenge the status quo; working towards a common goal of creating more owners in the private markets. Disclosures We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, please connect with the talent partner via email. Carta uses E‑Verify in the United States for employment authorization. See the E‑Verify and Department of Justice websites for more details. For information on our data privacy policies, see Privacy, CA Candidate Privacy, and Brazil Transparency Report. Please note that all official communications from us will come from an @carta.com or @carta‑external.com domain. Report any contact from unapproved domains to security@carta.com. #J-18808-Ljbffr