Cybersecurity Analyst

Varda Space Industries
El Segundo, CA
$110,000 - $140,000
Onsite

About The Position

We are hiring a Cybersecurity Analyst to own our day-to-day security monitoring function and produce the evidence required to achieve and maintain our cybersecurity certification. This role is the operational core of our cybersecurity organization, responsible for managing alert triage across our cybersecurity tool stack, coordinating with our managed SOC partner, documenting security events, and keeping our monitoring and incident response activities continuously evidenced and ready for review. This is a hands-on, high-accountability role reporting directly to the CISO. You will work closely with our InfoSec Engineer, Compliance Program Manager, and our managed security operations partner. You will help set up and monitor our security tool stack, which spans endpoint protection, network detection, secure web access, application control, and identity management. You establish the monitoring cadence that keeps our security posture visible and our compliance evidence current.

Requirements

  • 3 or more years in a cybersecurity operations, SOC analyst, or cybersecurity monitoring role
  • Hands-on experience with endpoint protection, network detection, or security event management platforms in an operational capacity, including reviewing alerts, triaging events, and documenting outcomes
  • Demonstrated ability to write and maintain incident response documentation, such as incident logs, incident reports, and post-incident reviews
  • Experience working with or alongside a managed security operations provider, receiving their output and integrating it into internal security operations
  • Familiarity with audit logging requirements and log review processes, including an understanding of what logging coverage means and how to demonstrate it
  • Organized, detail-oriented, and able to maintain documentation quality under day-to-day operational pressure
  • Comfortable working in a lean security organization where you own your domain independently

Nice To Haves

  • Direct experience supporting a formal cybersecurity compliance effort, with an understanding of how operational security outputs map to compliance evidence
  • Our current security tool stack and the experience we are looking for:
      • Endpoint protection and detection — we use CrowdStrike
      • Network detection and response — we use Darktrace
      • Secure web gateway and network security — we use Zscaler
      • Application allowlisting and execution control — we use ThreatLocker
      • Identity and access management event monitoring — we use Okta
      • Compliance tracking and evidence management — we use Vanta
  • Relevant certifications are a plus but not required. We recognize Security+, CySA+, GCIA, GCIH, and CISA as strong signals for this role. Candidates working toward or eligible for CISSP are equally welcome.
  • Familiarity with compliance-driven security environments, where day-to-day monitoring and incident documentation are part of a larger audit and certification process, is a plus but not required
  • Familiarity with security information and event management platforms such as Splunk, Microsoft Sentinel, or Chronicle, relevant as we continue to build out our log aggregation capabilities
  • A bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field is a plus. Equivalent hands-on experience, military cybersecurity training, or industry certifications are equally considered.

Responsibilities

  • Own daily triage of alerts from our network detection platform and other security tools, reviewing, classifying, escalating, and documenting dispositions
  • Serve as the primary internal point of contact for our managed security operations partner, receiving daily and weekly alert summaries, validating completeness, and tracking open items to closure
  • Maintain the security event log, a running record of alerts, dispositions, escalations, and outcomes that serves as core compliance evidence
  • Identify patterns in alert data and surface recurring issues to the InfoSec Engineer for remediation
  • Ensure continuous monitoring coverage is documented and demonstrable, a direct requirement of the cybersecurity framework we are certifying against
  • Own the incident log, documenting every security event from detection through closure, including timeline, classification, containment actions, and resolution
  • Coordinate with our managed security operations partner on incident triage, escalation, and post-incident reporting, ensuring their outputs are captured and integrated into our internal records
  • Maintain the Incident Response Plan as a living document, updating it based on lessons learned and ensuring it reflects actual operational procedures
  • Produce incident response evidence for our compliance assessment, including incident logs, escalation records, containment documentation, and post-incident reviews
  • Support the Compliance Program Manager in mapping incident documentation to the applicable compliance controls
  • Pull and organize log samples from our endpoint protection, network security, web access, application control, and identity management platforms, demonstrating that logging is active and coverage is comprehensive
  • Document log configuration, including retention settings, coverage scope, and alert thresholds, as evidence that our monitoring posture meets compliance requirements
  • Produce regular monitoring reports to our compliance tracking platform, ensuring the system reflects current operational status
  • Coordinate with the InfoSec Engineer to ensure logging is enabled and configured correctly across all systems in scope
  • Maintain organized evidence packages, including log samples, triage records, and monitoring reports, ready for assessor review
  • Serve as the day-to-day operational liaison to our managed security operations partner, tracking deliverables, validating report quality, and escalating gaps to the CISO
  • Ensure monitoring outputs from our security partner are received on schedule and integrated into internal compliance records
  • Own the deliverable log, tracking what has been received, what is outstanding, and what has been incorporated into evidence packages
  • Coordinate with the Compliance Program Manager to ensure third-party security operations outputs satisfy our compliance requirements
  • Maintain our compliance tracking platform as the operational source of truth for monitoring evidence, uploading reports, log reviews, and control status updates on a regular cadence
  • Support the Compliance Program Manager in maintaining continuous compliance readiness after certification
  • Flag gaps in monitoring coverage, log retention, or incident documentation to the CISO and Compliance Program Manager
  • Participate in periodic control effectiveness reviews, providing operational data and evidence to support ongoing assessments

Benefits

  • Exciting team of professionals at the top of their field working by your side
  • Equity in a fully funded space startup with potential for significant growth (interns excluded)
  • 401(k) matching (interns excluded)
  • Unlimited PTO (interns excluded)
  • Health insurance, including Vision and Dental
  • Lunch and snacks provided on site every day. Dinners provided twice a week.
  • Maternity / Paternity leave (interns excluded)