Cyber Security Analyst

About The Position

Requirements

• Bachelors in IT, Information Systems, or Computer Science, or equivalent combination of education and/or experience
• 5 years related experience, with 3+ years of experience supporting operational systems and networks
• Experience supporting Microsoft security technologies such as Microsoft 365, Entra ID, Intune, Purview, Defender, Sentinel, Azure security logging, Conditional Access, and audit/eDiscovery capabilities
• Experience reviewing, triaging, and escalating security alerts from SIEM, endpoint, identity, network, cloud, SaaS, or infrastructure platforms
• Working knowledge of CMMC Level 2, NIST SP 800-171, CUI handling, SSP/POA&M support, security control evidence collection, and compliance documentation
• Must be a U.S. Citizen and able to obtain a clearance

Nice To Haves

• Strong leadership, collaboration, and mentoring skills.
• Relevant certifications such as Security+, CySA+, CISSP Associate, SSCP, CISM, CCSP, Microsoft Security certifications, Azure Security Engineer, SC-200, SC-300, SC-400, or CMMC ecosystem training are preferred.

Responsibilities

• Support daily and project-based cybersecurity activities across Microsoft 365 Commercial, Microsoft GCC High, Entra ID, Okta, Intune, Purview, Sentinel, Azure-hosted infrastructure, endpoint systems, Palo Alto security technologies, VDI, and secure collaboration environments.
• Support implementation and sustainment of Zero Trust-aligned security controls, including conditional access, privileged access, role-based access, session controls, device compliance, and break-glass account procedures.
• Assist with Microsoft GCC High security operations, including tenant security configuration review, SharePoint segmentation support, Teams governance, data labeling, audit logging, and security evidence collection.
• Monitor and triage alerts from Microsoft Sentinel, Microsoft 365, Entra ID, Okta, endpoints, network devices, Azure services, VDI platforms, and ERP-related systems where integrated.
• Develop and maintain SOC/SIEM use cases, alert-tuning recommendations, incident-response runbooks, dashboards, and recurring security reports.
• Support vulnerability management activities.
• Support endpoint and device security activities, including secure baseline validation, Intune compliance policy review, software update governance, logging review, and secure engineering workstation support.
• Contribute to network and infrastructure security activities, including VPN security review, segmentation validation, and firewall policy review.
• Support CMMC Level 2 and NIST SP 800-171 readiness activities, including SSP and POA&M support, compliance mappings, control assertion support, audit artifact preparation, and recurring evidence validation.
• Create and maintain operational documentation, including security procedures, configuration records, incident response checklists, change records, administrator runbooks, evidence inventories, and knowledge transfer materials.