Cybersecurity Analyst

Presidio Trust, San Francisco, CA
$98,795 - $112,751

About The Position

The Presidio Trust is seeking a Cybersecurity Analyst to join its Information Technology Department. The Presidio Trust is an innovative federal agency that stewards and shares the history, beauty, and wonder of the Presidio for everyone to enjoy forever. The ancestral homeland of the Ramaytush Ohlone, the Presidio was once a military post under three flags. Today, it is a surprising national park site spanning 1,500 acres at the Golden Gate. Its rare natural habitats, inspiring views, and world-class trails are a local and global attraction. It is among the most biologically diverse parks in America and a popular destination with beaches, museums, restaurants, hotels, homes, and offices.

Reporting to the Principal Cybersecurity Architect, the Cybersecurity Analyst provides operational cybersecurity support to protect the Trust's information systems, networks, and data. The position performs day-to-day security monitoring, incident response support, vulnerability management, and compliance-related activities in accordance with established policies, procedures, and federal cybersecurity frameworks. The analyst monitors security events, investigates and triages incidents, supports remediation efforts, and helps implement and validate security controls across on-premises and cloud environments. The role applies standards such as NIST, CIS Controls, and FISMA/FedRAMP to support audit readiness and the protection of mission-critical systems and data.

This is a full-time position with benefits. The starting pay range for candidates based in the San Francisco Bay Area is $98,795 to $112,751, dependent on the experience and qualifications of the candidate. Salary may vary for candidates working from other locations. Applications received by February 13, 2026 will receive first consideration.

Requirements

  • Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a closely related technical field; or an equivalent combination of education and relevant professional experience.
  • 5 years of progressively responsible experience in cybersecurity operations, incident response, vulnerability management, or closely related IT security roles.
  • Working knowledge of cybersecurity fundamentals, including common threats, attack vectors, kill chain/attack lifecycle concepts, and defensive techniques.
  • Familiarity with cybersecurity frameworks and compliance standards (e.g., NIST, CIS Controls, SOC 2, FedRAMP / FISMA), including experience supporting audits, assessments or control evidence collection.
  • Hands-on experience with log analysis, endpoint and network telemetry, authentication and authorization concepts, and basic forensic analysis.
  • Experience using common cybersecurity tools and platforms, such as endpoint detection and response (EDR), security information and event management (SIEM), vulnerability scanning, email security controls, identity and authentication systems, and firewalls.
  • Working familiarity with a broad set of core IT domains, such as operating systems (e.g., Windows and Linux), identity and access management (e.g., directory services, RBAC, MFA, SSO), networking protocols (e.g., TCP/IP, DNS, HTTP/S, TLS), storage, cloud environments, and endpoint and device management.
  • Strong analytical and problem-solving skills with the ability to manage multiple priorities, investigate ambiguous issues, and drive tasks to closure.
  • Strong written and verbal communication skills, including the ability to clearly document technical findings and collaborate effectively with IT staff and business stakeholders.

Nice To Haves

  • Professional certifications such as CompTIA Security+, CySA+, GIAC (GSEC/GCIH), or similar are preferred.
  • Basic scripting or automation skills (e.g. Python, PowerShell) to support investigations, reporting, data analysis or operational tasks.
  • Familiarity with IT Service Management concepts such as change management, incident management, asset management and configuration baselines.

Responsibilities

  • Monitor, analyze, and correlate security alerts, logs, dashboards and events using cybersecurity tools (e.g. IAM, SIEM, endpoint protection, email security, network and cloud logs) to identify potential threats, anomalies, and suspicious activity.
  • Triage and investigate cybersecurity incidents; validate alerts by correlating logs and analyzing indicators of compromise (IOCs) to assess impact, reduce false positives, and support incident containment and recovery.
  • Collect, preserve, and analyze initial incident evidence; document findings, develop timelines, and escalate significant or complex incidents to the Principal Cybersecurity Architect.
  • Investigate and support end-to-end incident response activities, including containment, eradication, recovery, and evidence collection.
  • Execute, maintain and improve incident response playbooks and standard operating procedures (such as phishing, malware, account compromise, suspicious privileged access, data exposure), to ensure consistent and efficient response actions.
  • Support vulnerability scanning, risk-based prioritization, and remediation tracking across endpoints, servers, network devices, and cloud environments; collaborate with IT teams to reduce exposure and track remediation progress.
  • Contribute to endpoint protection and detection engineering efforts, including EDR policy tuning, alert rule optimization, and escalation of detection gaps or recurring trends.
  • Support engineering efforts to deploy new security tools and technical controls.
  • Support administration, tuning, and operations of cybersecurity tools (including identity and access management (IAM), endpoint and mobile device protection (EDR, MDM), security information and event management (SIEM), firewalls, vulnerability management, email security, data loss prevention (DLP), web filtering, and cybersecurity training tools), coordinating changes and validating outcomes.
  • Participate in technical evaluations of systems, security assessments, audits, and penetration testing activities by gathering evidence, validating control effectiveness, and supporting remediation planning.
  • Maintain accurate and timely cybersecurity documentation, including incident reports, root cause analysis, security procedures/runbooks, tool configuration records, and operational metrics.
  • Support cybersecurity awareness and training initiatives by contributing content, analyzing phishing simulation results, tracking compliance, and promoting security best practices.
  • Assist in ensuring compliance with established security policies and regulatory standards (e.g., NIST, CIS Controls, FedRAMP/FISMA) through support for control monitoring and audit readiness.
  • Stay informed of emerging cybersecurity threats, vulnerabilities, and best practices; proactively recommend operational improvements within assigned responsibilities.
  • Perform other duties as assigned.