Senior Cyber Security Analyst

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent practical experience.
• Minimum of 5 years of hands-on experience in the following areas: Incident Response, Threat Hunting, Vulnerability Management, Network Security, Identity and Access Management, and Endpoint Security.
• Strong experience with SIEM, SOAR, EDR, VM, DLP, email security technologies.
• Strong knowledge of cybersecurity frameworks and industry standards such as NIST CSF, OWASP, MITRE ATT&CK.
• Solid understanding of TCP/IP, DNS, HTTP/S, and other network protocols, as well as firewall and IDS/IPS technologies.
• Industry certifications such as CompTIA Security+, CEH, CISSP, GSEC, or equivalent are highly desirable.
• Experience with cloud security tools and practices (Azure, AWS, GCP).
• Knowledge of identity and access management (IAM), including MFA, SSO, conditional access, and role-based access control.
• Strong analytical, critical thinking, and problem-solving skills.
• Excellent verbal and written communication skills, with the ability to convey technical concepts to non-technical audiences.
• Able to prioritize and execute tasks in a high-pressure environment
• Thrives in collaborative environments and contributes positively to team dynamics

Responsibilities

• Investigate security incidents, perform root cause analysis, and document findings and remediation steps.
• Collaborate with infrastructure, cloud, networking, and application teams during incident response activities.
• Develop and maintain security documentation, including incident response playbooks, SOPs, and risk assessments.
• Support continuous improvement of security processes, prevention, detection and response capabilities.
• Lead the vulnerability management lifecycle, including scanning, validation, prioritization, remediation coordination, and reporting.
• Conduct regular vulnerability assessments across endpoints, servers, cloud environments, and network infrastructure, & work with stakeholders to remediate identified vulnerabilities.
• Design and execute phishing simulation campaigns and support the cyber security training program to improve user awareness.
• Assist in the implementation and enforcement of security policies, standards, and procedures, ensuring alignment with industry standards (e.g., NIST CSF, ISO 27001).
• Track and report on key security metrics and trends to support continuous improvement.
• Continuously monitor third-party cyber risk exposure, ensuring compliance with regulatory and organizational requirements, and drive remediation of identified security risk.
• Build process automation to streamline workflows, reduce manual effort, improve accuracy, enhance operational efficiency, and enable scalable, consistent execution.
• Maintain awareness of emerging threats, attacker tactics, techniques, and procedures (TTPs), leveraging frameworks such as MITRE ATT&CK.

Benefits

• comprehensive health & dental benefits
• pension plan
• paid time off
• performance-based incentive plan