Cybersecurity Analyst

About The Position

Requirements

• Bachelor’s degree in information technology, Cybersecurity, Computer Science, or a related field preferred. Equivalent relevant work experience may be substituted.
• 1–5+ years in cybersecurity or IT operations, or equivalent hands-on experience.
• Candidates are expected to be comfortable working directly in security tools; depth of responsibility will align with experience.
• EDR policy management, investigations, and containment
• Alert triage, query development, dashboards, and runbooks
• Vulnerability scanning, prioritization, and remediation
• Azure Entra ID / Active Directory with MFA, Conditional Access, and privilege hygiene
• Cybersecurity awareness training and phishing campaigns with metrics reporting
• PowerShell: ability to read and modify basic scripts; advanced scripting a plus.
• Familiarity with ticketing and change management
• Clear incident documentation and concise stakeholder updates
• Experience supporting audits or security questionnaires
• Security Tooling (transferable): SIEM (Microsoft Sentinel, Splunk, ConnectWise), EDR (CrowdStrike, SentinelOne, Microsoft Defender), vulnerability management (Tenable, Qualys), and security awareness platforms (KnowBe4)
• Working knowledge of security frameworks (NIST CSF, 800-53/800-171, CIS Controls)
• Azure and Microsoft 365 security fundamentals, detection tuning and automation using KQL and PowerShell
• Comfortable learning new tools and techniques while working on real investigations.
• Must be able to read and comprehend complex instructions, short correspondence and memos and the ability to write simple correspondence. Ability to effectively present information in one-on-one and small group situations to other employees of the organization.
• The physical demands described herein are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is frequently required to walk, use hands to finger; handle or feel; and kneel; crouch; or crawl; and talk; or hear; push and/or pull; reach; climb; bend and/or stoop; balance; work at heights greater than 100 feet, balance at heights greater than 100 feet. The employee must occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision, color vision, peripheral vision and depth perception.

Nice To Haves

• Separates signal from noise and uses data to justify tuning and remediation
• Drives incidents and vulnerabilities to closure with cross-functional teams
• Balances security controls with user experience and operational impact
• Translates technical risk for non-technical audiences

Responsibilities

• Monitor SIEM and EDR alerts, investigate and document findings, escalate per runbooks, and tune detections to reduce noise while maintaining coverage
• Perform root-cause analysis of incidents where applicable
• Conduct periodic threat hunting aligned with current attacker techniques
• Maintain EDR policies, agent health, and containment workflows, and coordinate remediation with IT operations
• Perform vulnerability scans, prioritize CVEs, drive patching or mitigations, track SLAs, and report risk trends
• Enforce MFA and Conditional Access, review privileged access, and support identity hardening and authentication policies
• Plan and execute phishing simulations and role-based security awareness training, reporting metrics and driving behavior improvement
• Develop SIEM analytics and playbooks, enrich detections, and support incident response and post-incident reviews
• Maintain procedures and evidence, support audit and risk activities, and contribute to the security policy lifecycle
• Other duties as assigned