Cybersecurity Analyst

About The Position

Requirements

• 5+ years of experience in enterprise cybersecurity operations and security monitoring environments.
• Strong hands-on experience with the Microsoft Security ecosystem
• Experience managing endpoint security and identity security at scale.
• Demonstrated experience running security awareness programs (KnowBe4 preferred).
• Ability to write clear, user-friendly security documentation and training material.
• Strong incident response and investigation skills.
• Experience with PowerShell or automation preferred.
• Excellent communication skills with both technical and non-technical audiences.

Nice To Haves

• Microsoft certifications:
• SC-200, SC-300, SC-400, AZ-500, MD-102
• Security certifications:
• Security+, CySA+, CISSP, CISM, CEH
• Experience with SOAR automation and threat hunting.
• Experience integrating third-party security tools into Microsoft Sentinel.

Responsibilities

• Implement, configure, tune, and maintain the Microsoft Security Stack
• Develop and maintain Zero Trust security architecture across identity, device, network, and application layers.
• Work closely with the SOC to monitor security telemetry, investigate alerts, perform root-cause analysis, and lead incident response activities.
• Execute internal security-related IT and operational projects while also participating as a project team member on broader organizational projects.
• Maintain automated security workflows using Sentinel playbooks, Power Automate, and scripting where appropriate.
• Conduct vulnerability management activities, penetration testing, security posture reviews, and continuous improvement initiatives.
• Partner with IT and business teams to embed security into new projects, cloud workloads, and application deployments.
• Evaluate third-party vendor risk related to cybersecurity.
• Maintain security baselines aligned with CIS, NIST, and Microsoft best practices.
• Collaborate with team members and stakeholders on solutions and designs that align with best practices.
• Administer the KnowBe4 Security Awareness platform
• Analyze user behavior trends and continuously improve training effectiveness.
• Maintain and enhance end‑user security knowledge documentation
• Create easy-to-consume knowledge base articles, quick-reference guides, and internal security bulletins.
• Conduct internal security awareness campaigns and tabletop exercises.
• Assist with the creation, review, and enforcement of security policies, including acceptable use, access control, data protection, and incident response.
• Support audits and assessments against frameworks such as:
• Maintain evidence, reporting, and metrics for leadership visibility.
• Track remediation of security findings and risks.
• Provide limited infrastructure support strictly related to security enablement, visibility, and risk reduction.
• Support secure network segmentation, firewall policy review, and secure cloud connectivity.
• Assist with escalated incidents where security and infrastructure intersect.
• Collaborate with the Infrastructure team on disaster recovery and business continuity initiatives.

Benefits

• Competitive compensation and benefits
• A hybrid work environment
• Certification and professional development support
• Opportunity to own and mature an enterprise security program
• Strong executive visibility and impact
• Collaborative and forward-thinking IT culture