Application Support Analyst

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field, or equivalent practical experience
• 3–5 years of hands-on experience in cybersecurity engineering, IT security, or a related discipline
• Demonstrated ownership of incident response activities from detection through containment, eradication, and post-incident review
• Strong experience engineering and tuning detection rules, SIEM alerts, and automated response workflows
• Proven vulnerability management experience including scan configuration, risk prioritization, and remediation tracking
• Hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, or equivalent
• Experience administering and engineering security tools such as EDR, vulnerability management, and email security platforms
• Experience managing or partnering closely with SOC, MDR, or MSSP providers
• Deep understanding of common attack vectors and adversary techniques including phishing, ransomware, credential compromise, lateral movement, and privilege escalation
• Strong analytical thinking, incident ownership, and documentation skills
• Ability to collaborate effectively with infrastructure, operations, and business stakeholders

Nice To Haves

• Relevant cybersecurity certifications (e.g., Security+, CySA+, CEH, GIAC) preferred
• Scripting or automation experience using Python or PowerShell preferred
• Experience securing enterprise infrastructure including Active Directory, cloud platforms (Azure, AWS, GCP), and hybrid environments
• Familiarity with security frameworks such as NIST CSF or CIS Controls preferred

Responsibilities

• Own triage, investigation, and response for security alerts and incidents across enterprise environments
• Serve as an internal escalation point for high-severity and complex security incidents
• Partner with external SOC/MDR providers on escalated alerts, tuning, and response coordination
• Conduct root-cause analysis, containment, eradication, and post-incident reviews with documented lessons learned
• Engineer, configure, and administer core security tools including EDR, vulnerability management, and email security platforms
• Design and implement detection rules, correlation logic, and automated response actions to improve security coverage and reduce mean time to response
• Evaluate, recommend, and implement new security tools and capabilities aligned to the security roadmap
• Maintain and improve integrations between security platforms and enterprise systems
• Own the vulnerability management lifecycle including scanning, prioritization, remediation tracking, and risk reporting
• Partner with Infrastructure and IT Operations teams to drive remediation efforts and verify fixes
• Produce vulnerability trend analysis, risk exposure metrics, and executive-facing reports
• Contribute to security program development by identifying gaps, proposing improvements, and executing initiatives
• Track and report on operational security metrics such as incident volume, MTTD, MTTR, and SLA performance
• Serve as a key technical advisor to Infrastructure teams on endpoint, server, network, and cloud security
• Support security awareness initiatives and cross-functional security education efforts