Crexi is reimagining commercial real estate with an AI-powered platform built to deliver smarter, more efficient solutions at every stage of the deal lifecycle. From real-time data and market insights generated by Crexi Intelligence, to targeted property marketing and seamless deal management through Crexi PRO, and a transparent, time-bound bidding experience with Crexi Auction— Crexi enables users to evaluate opportunities, maximize exposure, and close with speed and confidence. To date, Crexi has facilitated over $1 trillion in transactions, 8.6 billion square feet leased, and supports a growing community of more than 2 million monthly active users.
Crexi’s mission is to catalyze the next generation of commercial real estate through three core pillars: Access, Innovation, and Connection. Crexi’s platform democratizes CRE by providing unprecedented access to market insights and opportunities, accelerates CRE dealmaking with purpose-built technology that enhances speed and transparency; and empowers CRE professionals with a centralized platform designed for real-time collaboration and success.
About This Role:
The Senior Security Operations Analyst is Crexi’s primary internal security practitioner, responsible for day-to-day security operations, threat detection and response, and maintaining a strong security posture across the organization. Reporting to the Director, Information Technology, this role serves as the internal first line of defense for security events, protecting company systems, endpoints, identities, and data against evolving threats.
What You’ll Do
- Monitor and triage security alerts, serve as the first internal escalation point for managed SOC vendors, investigate flagged incidents, and maintain accurate, timely incident logs.
- Manage endpoint security tooling, administer EDR and MDM platforms, enforce policy compliance across employee devices, and remediate vulnerabilities identified through scans or alerts
- Owns identity and access management (IAM) policy, access review design and audit reporting.
- Run the phishing simulation and security awareness program, schedule and manage campaigns, track completion rates, report results to leadership, and follow up with repeat offenders or high-risk user groups.
- Support SOC 2 evidence collection, pull logs, screenshots, and control artifacts on a recurring cadence to support corporate-side controls for audit and compliance readiness.
- Maintain security documentation, keep runbooks, incident response procedures, and access control policies current, accurate, and accessible.
- Partner with IT and engineering on security architecture reviews, vulnerability management, and secure configuration standards to reduce attack surface.
- Support vendor and third-party security assessments, including reviewing security questionnaires and tracking remediation commitments.
- Track and report key security metrics, alert volumes, mean time to respond, endpoint coverage, phishing click rates, and open vulnerabilities, on a recurring basis to the Director, IT.
- Leverage AI-assisted threat detection and SIEM analytics to improve alert fidelity, reduce noise, and surface high-priority incidents faster.
- Evaluate and pilot AI-powered security tools (e.g., AI-assisted SOAR, behavioral anomaly detection) to augment manual investigation workflows and accelerate response.
- Performs other duties as assigned.
Who You Are
- Strong working knowledge of security operations concepts: threat detection, incident response, vulnerability management, and identity and access control.
- Hands-on experience with EDR platforms (e.g., CrowdStrike), MDM tools, and SIEM or log management platforms.
- Working knowledge of IAM principles and tools (e.g., Azure AD / Entra ID), including SSO, SCIM, and privileged access management.
- Familiarity with SOC 2 trust service criteria and the practical evidence collection requirements for a corporate IT environment.
- Strong written communication skills, able to produce clear incident reports, runbooks, and executive-facing security summaries.
- Detail-oriented and organized, with the ability to manage multiple open incidents, tasks, and recurring compliance obligations simultaneously.
- Collaborative approach to working with cross-functional stakeholders including IT, engineering, legal, and HR.
- Self-starter who operates with a high degree of ownership and escalates appropriately when uncertainty or risk warrants it.
- Familiarity with AI/ML-assisted security tooling and an understanding of how AI both augments defensive capabilities and introduces new risk vectors to the environment.
Qualifications:
- Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field preferred; equivalent professional experience considered.
- 5–8 years of experience in a security operations, IT security, or similar hands-on role.
- Hands-on experience supporting compliance frameworks, particularly SOC 2; familiarity with control evidence collection and audit preparation.
- Security certifications preferred, e.g., CompTIA Security+, GCIA, GCIH, SSCP, or equivalent.
- Experience working in cloud environments (AWS, Azure) with an understanding of cloud security fundamentals.
- Experience with AI-powered security tools, SOAR platforms, or automated threat detection workflows is a plus.
Why Crexi?
- Rapidly growing startup with a dynamic work environment
- Flexible team structure with the ability to progress in career
- Health, Dental, and Vision insurance
- Collaborative culture and numerous team activities
The California base pay range for this position is $148,000-$201,000 per year with eligibility for generous bonus, equity, and healthcare insurance. The total compensation package offered to a successful candidate will depend on several factors, which may include, but are not limited to, the type and length of experience applicable to the role and within the industry, job-related skills, job level, and geographic location. Commercial Real Estate Exchange, Inc (“Crexi”) is a multi-state employer, and this salary range may not reflect positions that work in other states.
Crexi is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Crexi will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
Skills Required
- Strong working knowledge of security operations concepts: threat detection, incident response, vulnerability management, and identity and access control
- Hands-on experience with EDR platforms (e.g., CrowdStrike), MDM tools, and SIEM or log management platforms
- Working knowledge of IAM principles and tools (e.g., Azure AD / Entra ID), including SSO, SCIM, and privileged access management
- Familiarity with SOC 2 trust service criteria and practical evidence collection requirements for corporate IT
- Strong written communication skills to produce incident reports, runbooks, and executive-facing summaries
- Detail-oriented and organized, able to manage multiple incidents, tasks, and recurring compliance obligations
- Collaborative approach to working with cross-functional stakeholders (IT, engineering, legal, HR)
- Bachelor's degree in Information Security, Computer Science, Information Technology, or related field (preferred) or equivalent experience
- 5-8 years of experience in security operations, IT security, or similar hands-on role
- Security certifications preferred (CompTIA Security+, GCIA, GCIH, SSCP, or equivalent)
- Experience working in cloud environments (AWS, Azure) with understanding of cloud security fundamentals
- Experience with AI-powered security tools, SOAR platforms, or automated threat detection workflows
Crexi Compensation & Benefits Highlights
-
Healthcare Strength — Comprehensive medical, dental, and vision plans are offered with employer-paid premiums for individual enrollment and multiple plan options. Employer-paid life, short-term disability, long-term disability, and mental-health resources further deepen the coverage suite.
-
Leave & Time Off Breadth — Flexible or unlimited PTO, a set of company holidays, and stated generous parental leave provide substantial time‑off support. FMLA‑aligned protections are also highlighted for eligible employees.
-
Equity Value & Accessibility — Equity is available via option grants, with mentions of an employee stock purchase plan. Performance and referral bonuses add additional upside in the total rewards mix.
Crexi Insights
What We Do
Crexi is reimagining commercial real estate with an AI-powered platform built to deliver smarter, more efficient solutions at every stage of the deal lifecycle. From real-time data and market insights with Crexi Intelligence, to targeted property marketing and seamless deal management through Crexi PRO, and a transparent, time-bound bidding experience with Crexi Auction— Crexi enables users to evaluate opportunities, maximize exposure, and close with speed and confidence. With over $1 trillion in transactions facilitated, 8.6 billion square feet leased, and a growing community of more than 2 million monthly active users, Crexi offers tailored, tech-driven tools that empower CRE professionals to succeed —on their terms.
Why Work With Us
At Crexi, we live and breathe values of collaboration, transparency and growth. Everyone has a voice and is encouraged to use it. We seek to foster an environment where every employee has the ability to make a difference in our product and company. We care about our team, and see our people as the fabric that enables our organization to thrive.
Gallery
Crexi Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.













