This fully remote position plays a central role in safeguarding organizational assets by actively monitoring, analyzing, and responding to cybersecurity threats. The Cybersecurity Analyst will investigate security alerts from multiple sources, including SIEM platforms, endpoint detection systems, and managed security providers, ensuring timely and effective resolution.
Key Responsibilities
- Monitor, triage, and investigate security events and vulnerabilities across networks, endpoints, and cloud environments
- Analyze logs and telemetry using tools such as Microsoft 365 Defender, CrowdStrike, and SIEM solutions to detect and respond to threats
- Conduct vulnerability assessments and support remediation efforts to reduce risk exposure
- Collaborate with IT and security teams to implement and refine security policies, controls, and incident response procedures
- Support digital forensics, threat hunting, and incident response activities across the full lifecycle
- Review detection rules and align them with MITRE ATT&CK techniques to improve visibility and coverage
- Contribute to the development and maintenance of incident runbooks and business continuity plans
- Assist in vendor security reviews, audits, and compliance initiatives related to standards such as ISO 27001/2 and PCI DSS
- Provide guidance on secure configurations for new technologies and cloud deployments, particularly in Azure environments
- Participate in on-call rotations to ensure 24/7 readiness for security incidents
- Produce clear technical reports and documentation for investigations, findings, and process improvements
- Educate internal teams on security best practices and control frameworks to strengthen organizational awareness
Qualifications
Candidates should hold a degree in cybersecurity, information technology, or a related field, or demonstrate equivalent experience. A minimum of three years in progressively responsible cybersecurity roles is required, with at least two years using enterprise security tools such as SIEM, endpoint protection platforms, and email security systems.
Proficiency with Microsoft 365 Defender, PowerShell, Python, and KQL is essential. Familiarity with cloud security (especially Azure), common attack vectors, and mitigation strategies is expected. Experience developing incident response plans and working within structured security frameworks is a strong asset.
Strong communication, collaboration, and documentation skills are necessary to succeed in this cross-functional role. The ideal candidate takes initiative, thinks critically, and contributes proactively to improving security posture.
Preferred Experience
- Holding certifications such as Security+, CEH, GCIH, GCFA, or Microsoft SC-200
- Working with SOAR platforms, automation, or AI-driven security tools
- Participation in red team/blue team exercises or incident simulations
- Exposure to operational technology (OT) security, particularly in energy-sector environments
Technical Environment
The role leverages a modern security stack including SIEM, Microsoft 365 Defender, CrowdStrike, Abnormal, Proofpoint, PowerShell, Python, KQL, Azure, and the MITRE ATT&CK framework.
Work Model
This is a fully remote position. Flexibility and availability expectations will be discussed during the interview process.
