Cyber Security Analyst

Direct hire opportunity available for a Cybersecurity Analyst In this role, you will be responsible for ensuring the health, operational effectiveness, and efficiency of cybersecurity monitoring, detection, response, and incident management functions. You will serve as a key resource for advanced security troubleshooting, incident response, and infrastructure protection, while also communicating security trends, incidents, and metrics to leadership.

Responsibilities:

Security Operations & Monitoring:

• Oversee and maintain security tools and infrastructure, including SIEM, IDS/IPS, CASB, XDR/EDR, and Syslog servers.
• Implement, configure, and monitor SIEM detections aligned with the MITRE ATT&CK framework.
• Ensure the health, accuracy, and completeness of security logs and alerts across cloud and on-premises environments.
• Lead threat hunting initiatives and enhance security event detection capabilities.
• Analyze log data from endpoints, databases, applications, networks, and mobile devices for potential threats.
• Minimize false positives by optimizing security tool configurations.

Incident Response & Threat Management:

• Act as the primary escalation point for advanced security events and incidents.
• Develop and maintain Incident Response Plans, playbooks, and communication strategies.
• Provide third-level triage support for security alerts and mentor junior SOC staff.
• Collaborate with internal teams and managed security service providers (MSSP) to coordinate security escalations.
• Conduct forensic investigations and analyze malware or malicious activities affecting systems.
• Automate repetitive security tasks within the SOAR environment using ML/AI.

Security Engineering & Compliance:

• Improve security configurations and monitoring processes for cloud and on-premises systems.
• Partner with platform and business owners to implement security enhancements.
• Support internal and external audits, risk assessments, and compliance initiatives.
• Maintain Information Security policies, standards, and procedures in line with industry best practices.
• Participate in change management processes for security-related updates.

Collaboration & Leadership:

• Work closely with security engineering, incident response, infrastructure, and IT teams to enhance security posture.
• Serve as the security consultant in technical and business meetings, ensuring secure application and infrastructure configurations.
• Report on SOC performance metrics, KPIs, and security trends to leadership.
• Participate in a rotating on-call schedule for after-hours security incidents.

Qualifications:

• 5 years of experience in Security Operations (SOC), Incident Response, or IT security administration.
• Strong understanding of MITRE ATT&CK framework for threat detection.
• Expertise in SIEM, IDS/IPS, EDR/XDR, CASB, DNS security, and firewalls.
• Experience analyzing network traffic, log files, email headers, and malware for security threats.
• Strong knowledge of Windows, Linux, macOS, and cloud security best practices.
• Ability to document incidents, write technical reports, and communicate effectively with leadership.
• Excellent problem-solving skills, adaptability, and ability to work under pressure.

Preferred Skills & Certifications:

• Microsoft Azure Sentinel SIEM (or similar) – 2 years of experience.
• Microsoft Defender for Endpoint & Servers – 2 years of experience.
• Microsoft CASB (or equivalent) – 2 years of experience.
• Identity and Access Management (IAM) administration – Microsoft EntraID, Active Directory, or similar.
• Experience with HPE Intrusion Detection Systems (or equivalent SD-WAN IDS).
• Proficiency in PowerShell, Python, and KQL scripting.
• Certifications such as CISSP, CISM, CEH, or GIAC are a plus.

This roles offers a competitive compensation and benefits package, including medical, dental, and 401(k) The salary range for this type of role is approximately 110 - 120k This range is an estimate and not a guarantee of compensation. The final salary will be determined by factors such as experience, market trends, and specific job assignments. Discover more about how ITR Group connects top talent with leading client opportunities.