Cyber Operations Analyst

Alliance Aviation Services, Dallas, TX
Onsite

About The Position

Hillwood IT is seeking a Cyber Operations Analyst to join our team in Dallas, TX to support day-to-day security monitoring and operational activities across our business environment. This is an excellent opportunity for someone early in their cybersecurity career who is eager to learn, highly detail-oriented, and motivated to grow within a collaborative, hands-on team. The Cyber Operations Analyst will serve as the first line of defense for security events, responsible for monitoring alerts, triaging activity, and supporting incident response efforts. You will follow established processes, document findings clearly, and escalate issues appropriately while gaining exposure to a broad range of security domains, including detection and response, identity governance, and vulnerability management. This role offers meaningful hands-on experience and cross-functional exposure, requiring someone who is adaptable, curious, and comfortable contributing across multiple areas of cybersecurity operations.

Requirements

  • Strong attention to detail and ability to follow defined processes while applying sound judgment.
  • Clear written and verbal communication skills, including the ability to document technical findings for varied audiences.
  • High level of integrity and ability to handle sensitive information with discretion.
  • Ability to manage multiple priorities in a team-oriented, fast-paced environment.
  • Foundational understanding of cybersecurity concepts, including phishing, malware, MFA, and least privilege.
  • Familiarity with industry frameworks such as MITRE ATT&CK and NIST CSF.
  • Demonstrated curiosity and willingness to learn.
  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent experience).
  • 2–4 years of experience in IT, cybersecurity, SOC, help desk, systems administration, or a related internship/academic role.
  • Relevant certifications (or in progress), such as Security+, Network+, or Microsoft security fundamentals (AZ-900, SC-900).

Nice To Haves

  • Networking fundamentals (TCP/IP, DNS, HTTP/HTTPS, VPN)
  • Windows security concepts (accounts, permissions, event logs)
  • SIEM and/or EDR/XDR tools (e.g., Microsoft Defender)
  • Vulnerability management tools (e.g., Rapid7)
  • Microsoft 365 / Entra ID security concepts

Responsibilities

  • Monitor and triage security alerts from tools such as SIEM, EDR/XDR, email security, identity systems, and other log sources.
  • Perform initial analysis to determine alert validity, scope, and potential impact; identify false positives and document rationale.
  • Gather and preserve relevant evidence (logs, endpoint data, email headers, timelines) and maintain clear case notes.
  • Follow established playbooks/runbooks to handle common security events (phishing, malware alerts, suspicious logins, policy violations, etc.).
  • Escalate confirmed or high-risk events to senior analysts/incident response leads with accurate context and recommendations.
  • Assist with containment and remediation tasks under guidance (e.g., isolating endpoints, password resets, blocking indicators, opening IT tickets).
  • Own your queue: update tickets promptly, meet internal SLAs, and communicate status clearly to the cyber team and IT partners.
  • Document investigations thoroughly and consistently so others can pick up work seamlessly.
  • Help maintain and improve cyber operations documentation (runbooks, SOPs, contact lists, alert tuning notes).
  • Support routine checks and operational tasks (sensor/agent health, log onboarding validation, dashboard checks, basic reporting).
  • Help identify patterns that indicate recurring issues and propose improvements (alert tuning, new detections, process changes).
  • Participate in periodic table-top exercises, lessons learned, and process refinement efforts.
  • Assist with vulnerability management coordination (tracking findings, validating remediation, communicating with system owners).
  • Support phishing response and user-reported security concerns; help with awareness follow-ups and lessons learned.
  • Contribute to audits/questionnaires by gathering evidence and maintaining organized records (under supervision).
  • Collaborate closely with IT (networking, systems, help desk) and business partners to ensure security supports business outcomes.
  • Support joiner/mover/leaver (JML) processes to ensure timely and accurate access provisioning and de-provisioning.
  • Assist with access reviews and certification campaigns, tracking completion and following up on outstanding items.
  • Help maintain RBAC models and entitlement structures within the IGA platform.
  • Monitor and triage IGA alerts and exceptions, including orphaned accounts and access conflicts.
  • Escalate anomalies and support audit requirements for identity-related controls.

Benefits

  • Medical, dental, and vision insurance options
  • Flexible Spending Accounts (FSA) or Health Savings Accounts (HSA) dependent on plan elections
  • Paid time off, holidays, and floating holidays
  • Paid parental and family caregiver leave
  • Mental health and wellness resources
  • Life insurance and disability coverage
  • 401(k) retirement plan with company match
  • Additional programs to support Associates and their families