Cybersecurity Analyst

About The Position

Requirements

• 3 or more years in cybersecurity operations, SOC analyst, or cybersecurity monitoring role
• Hands-on experience with endpoint protection, network detection, or security event management platforms in an operational capacity, including reviewing alerts, triaging events, and documenting outcomes
• Demonstrated ability to write and maintain incident response documentation, such as incident logs, incident reports, and post-incident reviews
• Experience working with or alongside a managed security operations provider, receiving their output, and integrating it into internal security operations
• Familiarity with audit logging requirements and log review processes, including an understanding of what logging coverage means and how to demonstrate it
• Organized, detail-oriented, and able to maintain documentation quality under day-to-day operational pressure
• Comfortable working in a lean security organization where you own your domain independently

Nice To Haves

• Direct experience supporting a formal cybersecurity compliance effort, with an understanding of how operational security outputs map to compliance evidence
• Experience with CrowdStrike (Endpoint protection and detection)
• Experience with Darktrace (Network detection and response)
• Experience with Zscaler (Secure web gateway and network security)
• Experience with ThreatLocker (Application allows listing and execution control)
• Experience with Okta (Identity and access management event monitoring)
• Experience with Vanta (Compliance tracking and evidence management)
• Relevant certifications such as Security+, CySA+, GCIA, GCIH, and CISA
• Candidates working toward or eligible for CISSP
• Familiarity with compliance-driven security environments, where day-to-day monitoring and incident documentation are part of a larger audit and certification process
• Familiarity with security information and event management platforms such as Splunk, Microsoft Sentinel, or Chronicle
• A bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field
• Equivalent hands-on experience, military cybersecurity training, or industry certifications

Responsibilities

• Own daily triage of alerts from our network detection platform and other security tools, reviewing, classifying, escalating, and documenting dispositions.
• Serve as the primary internal point of contact for our managed security operations partner, receiving daily and weekly alert summaries, validating completeness, and tracking open items to closure.
• Maintain the security event log, a running record of alerts, dispositions, escalations, and outcomes that serve as core compliance evidence.
• Identify patterns in alert data and surface recurring issues to the InfoSec Engineer for remediation.
• Ensure continuous monitoring coverage is documented and demonstrable, a direct requirement of the cybersecurity framework we are certifying against.
• Own the incident log, documenting every security event from detection through closure, including timeline, classification, containment actions, and resolution.
• Coordinate with our managed security operations partner on incident triage, escalation, and post-incident reporting, ensuring their outputs are captured and integrated into our internal records.
• Maintain the Incident Response Plan as a living document, updating it based on lessons learned and ensuring it reflects actual operational procedures.
• Produce incident response evidence for our compliance assessment, including incident logs, escalation records, containment documentation, and post-incident reviews.
• Support the Compliance Program Manager in mapping incident documentation to the applicable compliance controls.
• Pull and organize log samples from our endpoint protection, network security, web access, application control, and identity management platforms, demonstrating that logging is active and coverage is comprehensive.
• Document log configuration, including retention settings, coverage scope, and alert thresholds, as evidence that our monitoring posture meets compliance requirements.
• Produce regular monitoring reports to our compliance tracking platform, ensuring the system reflects the current operational status.
• Coordinate with the InfoSec Engineer to ensure logging is enabled and configured correctly across all systems in scope.
• Maintain organized evidence packages, including log samples, triage records, and monitoring reports, ready for assessor review.
• Serve as the day-to-day operational liaison to our managed security operations partner, tracking deliverables, validating report quality, and escalating gaps to the CISO.
• Ensure monitoring outputs from our security partner are received on schedule and integrated into internal compliance records.
• Own the deliverable log, tracking what has been received, what is outstanding, and what has been incorporated into evidence packages.
• Coordinate with the Compliance Program Manager to ensure third-party security operations outputs satisfy our compliance requirements.
• Maintain our compliance tracking platform as the operational source of truth for monitoring evidence, uploading reports, log reviews, and control status updates on a regular cadence.
• Support the Compliance Program Manager in maintaining continuous compliance readiness after certification.
• Flag gaps in monitoring coverage, log retention, or incident documentation to the CISO and Compliance Program Manager.
• Participate in periodic control effectiveness reviews, providing operational data and evidence to support ongoing assessments.

Benefits

• Equity in a fully funded space startup with potential for significant growth (interns excluded)
• 401(k) matching (interns excluded)
• Unlimited PTO (interns excluded)
• Health insurance, including Vision and Dental
• Lunch and snacks provided on site every day. Dinners provided twice a week.
• Maternity / Paternity leave (interns excluded)