Security Analyst

About The Position

Requirements

• 2-4 years of hands‑on experience in IT security, infrastructure operations, or a closely related technical role.
• Solid understanding of Windows operating systems, directory services, networking fundamentals, and common enterprise attack techniques.
• Experience investigating security incidents or operational issues and following them through to resolution.
• Familiarity with endpoint, network, identity, and infrastructure security controls in an enterprise environment.
• Demonstrated ability to analyze information from multiple data sources and make sound decisions under time pressure.
• Proven habit of producing clear, accurate technical documentation and maintaining investigation or change records as part of daily work.
• Strong written and verbal communication skills, with the ability to explain technical findings to both technical and non‑technical audiences.

Nice To Haves

• Experience deploying, configuring, managing and operating SIEM, XDR and similar IT security tools and solutions.
• Exposure to vulnerability management, system hardening, or baseline security frameworks.
• Scripting or automation experience (e.g., PowerShell or similar) to support investigation, data collection, or operational efficiency.
• Familiarity with retail, distributed, or multi‑site IT environments.
• Industry certifications such as Security+, CySA+, GSEC, or equivalent practical experience.

Responsibilities

• Monitor, analyze, and respond to security alerts and events across endpoint, network, identity, and infrastructure security controls.
• Investigate suspected security incidents, determine scope and impact, perform root‑cause analysis, and coordinate remediation activities with IT and infrastructure teams.
• Own the documentation of incidents, investigations, findings, and remediation actions, ensuring records are accurate, complete, and suitable for operational review and audit purposes.
• Assist with the evaluation, deployment, configuration, and ongoing operation of security monitoring, logging, and detection capabilities to improve visibility across on‑premises and cloud‑connected systems.
• Perform proactive threat‑hunting and security reviews to identify suspicious behavior, misconfigurations, or control gaps within Windows systems, directory services, endpoints, networks, and virtualization platforms.
• Conduct vulnerability assessments, track remediation efforts, and verify the effectiveness of corrective actions.
• Configure, maintain, and tune security technologies such as firewalls, endpoint protection, network detection tools, and email or messaging security controls.
• Support identity and access management processes, including access reviews, privilege management, and secure account lifecycle practices.
• Participate in system hardening, patch management, and baseline security improvement initiatives in coordination with infrastructure operations.
• Contribute to the development, maintenance, and improvement of security policies, standards, procedures, and operational runbooks.
• Support audits and compliance initiatives (e.g., ISO 27001, NIST, SOC 2, PCI-DSS).
• Participate in security awareness training and phishing simulation campaigns.
• Support security awareness initiatives and provide guidance to IT staff and employees on secure technology usage and incident reporting.
• Participate in security incident response activities outside of normal business hours as needed to support timely investigation and containment of security events.