Cybersecurity Analyst

About The Position

Requirements

• A passion for infosec, analytical skills and a quick learner.
• Basic cybersecurity skills.
• General understanding of servers, applications, LDAP, DNS, IP addressing and subnetting, ports.
• Understanding of email headers.
• General understanding of malware sandboxing technology.
• Understanding of malware and phishing tools/techniques.
• Strong communication skills.

Nice To Haves

• Familiarity with Splunk and how to run Splunk queries is a bonus.
• Awareness or knowledge of Python and PowerShell is a bonus.
• General understanding of AI and MCP.
• Experience triaging cloud and web-app related security alerts.
• AWS and/or cybersecurity related training and certifications are a plus.

Responsibilities

• Monitor the McGraw Hill Splunk SIEM platform for security alerts.
• Handle 2 daily transition calls with the evening SOC team in India, at 9:15 AM EST and 4:15 PM EST.
• Perform standard operating procedures (SOPs) for each alert type, to quickly respond to security alerts and investigate them until closure.
• Work with IT personnel to report violations and close security alerts.
• Leverage our security automation tool (Splunk SOAR) for responding to incidents.
• Escalating any P1 (high priority) alerts immediately to the SOC manager
• Perform phishing email attack investigations.
• Perform triage steps when end users fall victim to attacks.
• Perform threat hunting on attack techniques commonly used by adversaries.
• Provide testing and supplemental support for Cybersecurity engineer project tasks.
• Track security incidents in a spreadsheet for monthly metrics.
• Perform daily, weekly, and monthly threat hunting tasks.

Benefits

• A full range of medical and/or other benefits may be provided, depending on the position offered.