Cyber Security Operations Analyst

VHB•Orlando, FL

18h•Hybrid

About The Position

VHB is seeking a Cyber Security Operations Analyst to join our IT Security team. This role reports to the Cyber Security Operations Manager and works closely with infrastructure, systems, network, endpoint, and cloud teams to help monitor, investigate, and respond to security events across the enterprise. This is a hands-on operational role suited for someone with a strong background in IT systems, networking, infrastructure, or security operations who is interested in growing deeper into cybersecurity. The ideal candidate is naturally curious, organized, and enjoys digging into system behavior, logs, alerts, and technical details to understand what happened, why it happened, how to prevent recurrence, and how to improve security visibility and response. This role will contribute to the continued maturity of VHB's security operations program by helping improve monitoring, detection logic, documentation, response procedures, vulnerability management, and automation. Applicants must be legally authorized to work for VHB in the U.S. without employer sponsorship.

Requirements

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent professional experience.
3–5+ years of experience in IT roles such as system administration, network administration, infrastructure support, endpoint support, cloud administration, IT operations, or cybersecurity.
Strong understanding of Windows systems, networking fundamentals, authentication, and enterprise IT environments.
Ability to investigate technical issues using logs, alerts, system data, and user activity.
Strong written communication and documentation skills.
Ability to work collaboratively with infrastructure, network, endpoint, and support teams.
Interest in cybersecurity operations, incident response, detection, and risk reduction.

Nice To Haves

1–2+ years of security operations, SOC, incident response, vulnerability management, or security monitoring experience.
Experience with Microsoft security technologies such as Microsoft Defender, Microsoft 365 security tools, Microsoft Entra ID, Microsoft Sentinel, or Azure security services.
Familiarity with security monitoring tools such as SIEM platforms, endpoint detection and response tools, email security tools, vulnerability scanners, or security dashboards.
Experience with scripting, query, or automation tools such as PowerShell or Kusto Query Language (KQL).
Working knowledge of networking fundamentals including TCP/IP, DNS, routing, firewalls, VPNs, and authentication protocols.
Security certifications such as Security+, CySA+, SC-200, AZ-500, GCIH, or similar.

Responsibilities

Monitor security alerts, SIEM tools, dashboards, and endpoint platforms to identify threats and suspicious activity across the enterprise.
Investigate security events through log, endpoint, authentication, cloud, email, and network analysis to determine root cause, scope, and impact.
Support incident response activities, including investigation, containment, escalation, documentation, and coordination with IT teams.
Perform threat hunting and vulnerability management by analyzing suspicious behavior, reviewing scan results, prioritizing findings, and tracking remediation.
Develop and tune SIEM detections, alert logic, monitoring use cases, and security operations workflows.
Create and maintain incident response procedures, alert triage playbooks, investigation documentation, and case management records.
Collaborate with infrastructure, network, cloud, endpoint, and support teams to resolve security-related issues and improve monitoring coverage.
Support phishing simulations, security awareness initiatives, reporting, automation, and continuous improvement efforts.