Cybersecurity Analyst

About The Position

Requirements

• 3 or more years in cybersecurity operations, SOC analyst, or cybersecurity monitoring role
• Hands-on experience with endpoint protection, network detection, or security event management platforms in an operational capacity, including reviewing alerts, triaging events, and documenting outcomes
• Demonstrated ability to write and maintain incident response documentation, such as incident logs, incident reports, and post-incident reviews
• Experience working with or alongside a managed security operations provider, receiving their output, and integrating it into internal security operations
• Familiarity with audit logging requirements and log review processes, including an understanding of what logging coverage means and how to demonstrate it
• Organized, detail-oriented, and able to maintain documentation quality under day-to-day operational pressure
• Comfortable working in a lean security organization where you own your domain independently

Nice To Haves

• Direct experience supporting a formal cybersecurity compliance effort, with an understanding of how operational security outputs map to compliance evidence
• Our current security tool stack and the experience we are looking for: Endpoint protection and detection — we use CrowdStrike Network detection and response — we use Darktrace Secure web gateway and network security — we use Zscaler Application allows listing and execution control — we use ThreatLocker Identity and access management event monitoring — we use Okta Compliance tracking and evidence management — we use Vanta
• Relevant certifications are a plus but not required. We recognize Security+, CySA+, GCIA, GCIH, and CISA as strong signals for this role. Candidates working toward or eligible for CISSP are equally welcome.
• Familiarity with compliance-driven security environments, where day-to-day monitoring and incident documentation are part of a larger audit and certification process, is a plus but not required.
• Familiarity with security information and event management platforms such as Splunk, Microsoft Sentinel, or Chronicle, relevant as we continue to build out our log aggregation capabilities
• A bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field is a plus. Equivalent hands-on experience, military cybersecurity training, or industry certifications are equally considered.

Responsibilities

• Security Monitoring and Alert Triage Own daily triage of alerts from our network detection platform and other security tools, reviewing, classifying, escalating, and documenting dispositions.
• Serve as the primary internal point of contact for our managed security operations partner, receiving daily and weekly alert summaries, validating completeness, and tracking open items to closure.
• Maintain the security event log, a running record of alerts, dispositions, escalations, and outcomes that serve as core compliance evidence
• Identify patterns in alert data and surface recurring issues to the InfoSec Engineer for remediation.
• Ensure continuous monitoring coverage is documented and demonstrable, a direct requirement of the cybersecurity framework we are certifying against
• Incident Response Documentation Own the incident log, documenting every security event from detection through closure, including timeline, classification, containment actions, and resolution.
• Coordinate with our managed security operations partner on incident triage, escalation, and post-incident reporting, ensuring their outputs are captured and integrated into our internal records.
• Maintain the Incident Response Plan as a living document, updating it based on lessons learned and ensuring it reflects actual operational procedures.
• Produce incident response evidence for our compliance assessment, including incident logs, escalation records, containment documentation, and post-incident reviews.
• Support the Compliance Program Manager in mapping incident documentation to the applicable compliance controls.
• Log Management and Audit Evidence Pull and organize log samples from our endpoint protection, network security, web access, application control, and identity management platforms, demonstrating that logging is active and coverage is comprehensive.
• Document log configuration, including retention settings, coverage scope, and alert thresholds, as evidence that our monitoring posture meets compliance requirements
• Produce regular monitoring reports to our compliance tracking platform, ensuring the system reflects the current operational status
• Coordinate with the InfoSec Engineer to ensure logging is enabled and configured correctly across all systems in scope.
• Maintain organized evidence packages, including log samples, triage records, and monitoring reports, ready for assessor review.
• Managed SOC Coordination Serve as the day-to-day operational liaison to our managed security operations partner, tracking deliverables, validating report quality, and escalating gaps to the CISO.
• Ensure monitoring outputs from our security partner are received on schedule and integrated into internal compliance records.
• Own the deliverable log, tracking what has been received, what is outstanding, and what has been incorporated into evidence packages.
• Coordinate with the Compliance Program Manager to ensure third-party security operations outputs satisfy our compliance requirements.
• Continuous Monitoring and Compliance Platform Maintain our compliance tracking platform as the operational source of truth for monitoring evidence, uploading reports, log reviews, and control status updates on a regular cadence
• Support the Compliance Program Manager in maintaining continuous compliance readiness after certification
• Flag gaps in monitoring coverage, log retention, or incident documentation to the CISO and Compliance Program Manager
• Participate in periodic control effectiveness reviews, providing operational data and evidence to support ongoing assessments

Benefits

• Exciting team of professionals at the top of their field working by your side
• Equity in a fully funded space startup with potential for significant growth (interns excluded)
• 401(k) matching (interns excluded)
• Unlimited PTO (interns excluded)
• Health insurance, including Vision and Dental
• Lunch and snacks provided on site every day. Dinners provided twice a week.
• Maternity / Paternity leave (interns excluded)