Cyber Defense Analyst III
Bowtie
At Playlist, life's richest moments happen when people step away from screens to move, connect, explore, and play. We're building the definitive platform for intentional living, connecting people with inspiring experiences in fitness, wellness, and beyond. With popular brands like Mindbody and ClassPass, Playlist empowers businesses and individuals, making it effortless for aspirations to become actions. Join us in reshaping technology's role to foster meaningful, real-world connections.
Your role:
The Cyber Defense Analyst III is a senior, intelligence-focused role responsible for advancing the organization’s Cyber Threat Intelligence (CTI) and Threat Hunting capabilities. This role specializes in adversary-focused analysis, intelligence-driven hunting, and translating threat insights into meaningful improvements across detection, response, and risk management. The ideal candidate brings strong experience in security operations and incident response, enabling them to contextualize intelligence within real-world environments and support complex security incidents through analysis and advisory guidance. Success in this role requires a deep understanding of modern SaaS and cloud-based environments, strong analytical judgment, and the ability to synthesize complex threat data into actionable intelligence for both technical and non-technical audiences. You’ll pursue continuous improvement to help Playlist achieve its mission: Powering the world’s fitness and wellness businesses and connecting them with more consumers, more effectively, than anyone else.
You will:
- Lead the development and execution of the Cyber Threat Intelligence (CTI) program, focusing on adversary tracking, emerging threats, and campaigns relevant to the organization
- Continuously monitor the threat landscape, synthesizing intelligence from internal telemetry, commercial feeds, open-source intelligence (OSINT), and industry sharing communities
- Produce actionable intelligence products (tactical, operational, and strategic) tailored to security operations, engineering, and leadership audiences
- Conduct hypothesis-driven threat hunting using intelligence-informed methodologies, documenting findings and recommending mitigations or detection improvements
- Map adversary activity to MITRE ATT&CK and related frameworks to identify coverage gaps and prioritize defensive improvements
- Correlate threat intelligence with security incidents and investigations to provide adversary context, likely next steps, and risk-based recommendations
- Partner with Cyber Defense teams to translate intelligence and hunt findings into improved detections, alerts, and response playbooks
- Maintain awareness of current security incidents and escalations to inform intelligence analysis and hunting priorities
- Serve as an on-call escalation advisor during critical security incidents, providing threat intelligence, adversary analysis, and strategic guidance to incident response leadership
- Develop and maintain documentation for intelligence workflows, hunting methodologies and analytic tradecraft
- Mentor analysts and engineers on intelligence consumption, ATT&CK usage, and adversary-focused thinking
About the right team member:
You are an experienced, self-motivated security professional who is passionate about leading and executing impactful and high-quality security initiatives. You know the best security is created through collaboration and iteration, and you are looking for the right opportunity and the right team to expand your experience.
You’ll thrive in this role with experience in:
- Broad and deep knowledge of cybersecurity principles, adversary behavior, and defensive best practices
- 5–7 years of information security or technology experience, including 3+ years in a senior or advanced analyst role
- Practical application of frameworks such as MITRE ATT&CK in enterprise environments
- Experience with CTI methodologies and threat hunting frameworks (e.g., Sqrrl, TaHiTI, PEAK)
- Expertise analyzing threat data and identifying adversary tactics, techniques, and procedures (TTPs)
- Hands-on experience operating SIEM platforms (e.g., Google Chronicle, Splunk) and CTI solutions
- Familiarity with automation and scripting (Python, Bash, PowerShell)
- Experience monitoring and securing cloud environments (AWS, Azure, GCP)
- Strong written and verbal communication skills, including executive-level summaries
- Ability to balance security risk, operational impact, and business priorities
- GIAC (GCIA, GCED, GCTI), CISSP, or comparable certifications strongly preferred
Sound like the role for you? We’d love to hear from you! Even if you’re not 100% sure about potential fit, we still encourage you to apply. We’re looking for the right person, not the perfect series of checkboxes.
The Company is an Equal Opportunity Employer. We highly value diversity at our company and encourage people of all different backgrounds, experiences, abilities and perspectives to apply. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other protected characteristics.
By entering your email and phone number and submitting your application, you consent to receive emails, calls and SMS about your application and other roles at The Company, including by auto-dialer. Message and data rates may apply. Opt-out or text STOP to cancel at any time. If you are a California resident or reside outside the United States then by submitting your application you confirm that you have read, understood, agree and - where applicable - grant your prior, free, informed and express consent for the processing of your personal information, including sensitive personal information, as described in our California Applicant Privacy Notice or International Applicant Privacy Notice (as applicable).
Note: This description outlines key responsibilities but isn’t intended to cover every task or duty. Additional responsibilities may be assigned as needed to support the team and business goals.