Cybersecurity Analyst

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
• 2+ years of experience in cybersecurity, IT security, or a similar role.
• Strong knowledge of networking protocols, operating systems (Windows, Linux), and cloud environments (AWS, Azure).
• Hands-on experience with vulnerability management tools (web application and infrastructure scanning)
• SOC 2 compliance knowledge: Understanding of Type 1 & Type 2 controls, audit processes, and evidence requirements
• SQL proficiency: Comfortable writing queries to analyze logs, generate reports, and support compliance activities
• Cloud security experience: Working knowledge of Microsoft 365/Azure, AWS, or GCP environments
• Incident response skills: Experience investigating and responding to security incidents, phishing, account compromises
• Access management: Understanding of least-privilege principles and user access controls in SaaS environments
• Ability to work independently and as part of a team in high-pressure situations.

Responsibilities

• Monitor network traffic, systems, and applications for suspicious activities using security tools like SIEM (Security Information and Event Management) systems, intrusion detection systems (IDS), and firewalls.
• Conduct vulnerability assessments and penetration testing to identify and mitigate potential security weaknesses.
• Investigate and respond to security incidents, including malware infections, data breaches, and unauthorized access attempts, following established incident response protocols.
• Analyze threat intelligence from various sources to stay ahead of emerging cyber threats and recommend proactive measures.
• Collaborate with IT and development teams to implement security best practices, such as secure coding, access controls, and encryption.
• Prepare detailed reports on security findings, incidents, and compliance status for management and regulatory bodies.
• Assist in developing and updating security policies, procedures, and training programs for employees.
• Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, NIST frameworks) and participate in audits.
• Stay current with cybersecurity trends, tools, and certifications through continuous learning and professional development.