IT Cybersecurity Analyst

About The Position

Requirements

• Hands-on experience with enterprise security tools (SIEM, EDR, firewalls, vulnerability scanners). 94% of cybersecurity roles now require tool proficiency.
• Knowledge of malware analysis, threat modeling, identity and access management, encryption, and logging standards.
• Familiarity with cloud security (Azure, AWS, or GCP) and modern attack frameworks (MITRE ATT&CK).
• Proficiency in network security concepts and protocols.
• Strong analytical thinking and problem solving—now considered core hiring requirements.
• Excellent communication skills to articulate risks and recommendations to both technical and non-technical audiences
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
• 1–5+ years relevant experience depending on level; hands-on experience is now expected even for junior roles.
• Preferred certifications: Security+, CySA+, CEH, SSCP, or Microsoft Cybersecurity Analyst credentials.

Nice To Haves

• Experience with application security, vulnerability management programs, or governance/risk/compliance (GRC) processes.
• Experience analyzing data transfer security and third-party application risk.
• Knowledge of incident response frameworks and digital forensics methodologies.

Responsibilities

• Continuously monitor enterprise networks, SIEM dashboards, and security alerts for indicators of compromise or anomaly patterns.
• Review device, application, and infrastructure logs to identify suspicious behavior.
• Prioritize and escalate security issues based on impact and urgency.
• Serve as first responder to security events—contain, mitigate, and document incidents.
• Perform forensic investigations to determine root cause, attack vector, and affected systems.
• Collaborate with IT and leadership to implement post-incident remediation.
• Conduct vulnerability scanning, static/dynamic analysis, and penetration testing using enterprise tools.
• Perform regular risk assessments to identify and rank exposure across applications, cloud systems, and infrastructure.
• Coordinate with system owners to ensure vulnerabilities are remediated.
• Support administration of security tools such as SIEM, EDR, IPS/IDS, vulnerability scanners, and data security platforms.
• Work with cross-functional teams to interpret scan results and implement appropriate security controls.
• Assist in designing and strengthening enterprise security architecture.
• Contribute to development, documentation, and enforcement of security policies and procedures.
• Ensure alignment with frameworks such as NIST, ISO 27001, CIS Controls, and regulatory obligations.
• Participate in security control assessments, audits, and compliance reporting.
• Deliver training that promotes secure behavior and reduces organizational risk.
• Provide technical guidance to teams regarding best practices for secure development and data handling.
• Engage with cloud, networking, and application teams to ensure security is embedded across operations.
• Support digital modernization initiatives, including cloud migration and security automation