Cybersecurity Analyst

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, OR equivalent practical experience in an information security or IT role, with a focus on security operations.
• Relevant industry certifications such as CompTIA Security+, CISSP, CEH, GIAC (GSEC, GCIA, GCIH), or CCSP.
• Experience with security tools such as SIEM (e.g., Splunk, LogRhythm, Azure Sentinel), IDS/IPS, firewalls (e.g., Palo Alto, Cisco), and EDR platforms.
• Experience with cloud security platforms (AWS, Azure, or GCP).
• Experience with scripting languages (e.g., Python, PowerShell) for automation.
• Valid driver's license and valid Passport.
• Knowledge of network protocols (TCP/IP), network security architecture, and operating systems (Windows, Linux, macOS).
• Proficiency in the application of NIST Cyber Security Framework, CIS Controls, SOC 2, ISO 27001, and other best-practice standards.
• Knowledge of common security frameworks (e.g., NIST CSF, MITRE ATT&CK).
• Knowledge of forensic analysis techniques.
• Skills in analytical thinking and problem solving.
• Skills in oral and written communication.
• Skills in project management and organization
• Ability to pay attention to detail.
• Ability to communicate technical information to a non-technical audience.

Responsibilities

• Monitors Security Information and Event Management (SIEM) systems, Intrusion Detection Systems (IDS), and other security tools for security alerts and anomalies.
• Conducts initial triage, investigation, and analysis of security incidents (e.g., malware infections, unauthorized access attempts, DDoS attacks).
• Executes incident response procedures, including containment, eradication, and recovery, and document all steps taken.
• Performs regular vulnerability scans and penetration testing (or coordinate with external vendors).
• Analyzes scan results, prioritize risks, and collaborate with IT teams to manage and track remediation efforts.
• Stays current on the latest security threats, vulnerabilities, and industry trends.
• Develops and maintains threat models and risk assessments for critical assets.
• Assists in the development, implementation, and maintenance of security policies, standards, and procedures.
• Review and recommend security enhancements to existing systems and new projects.
• Participate in recommendation and implementation of various security infrastructure platforms (e.g., firewalls, endpoint detection and response (EDR), multi-factor authentication (MFA)).
• Assist with internal and external security audits and compliance efforts (e.g., ISO 27001, HIPAA, SOC 2).
• Maintain accurate security logs and documentation for regulatory compliance.
• Support the creation and delivery of security awareness training for all employees.
• Participates in a 24/7 on-call rotation as required.