Cyber Security Analyst

Job Overview The Cybersecurity Analyst – SOC Operations is responsible for monitoring, detecting, investigating, and responding to cybersecurity threats across the enterprise environment. This role serves as a key member of the Security Operations Center (SOC) and focuses on threat detection, incident response, endpoint security, identity threats, and security monitoring of enterprise infrastructure, cloud environments, and critical business systems. The analyst will investigate security alerts, triage incidents, correlate threat intelligence, and collaborate with IT and infrastructure teams to contain and remediate cybersecurity risks. This position plays an operational role in maintaining enterprise security visibility and minimizing cyber risk exposure. Key Responsibilities & Accountabilities Security Monitoring & Threat Detection Monitor enterprise security tools and alerts for suspicious activity, malicious behavior, or policy violations. Analyze and triage security events generated from SIEM platforms, Endpoint Detection & Response (EDR), Email security platforms, Network monitoring tools, Identity and access monitoring solutions, and Cloud security platforms. Investigate indicators of compromise (IOCs), anomalous behaviors, and suspicious user activity. Correlate logs and events across multiple security systems to identify threats. Escalate high-risk incidents according to playbooks and incident severity classifications. Incident Response Participate in detection, triage, containment, eradication, recovery, and post-incident review activities. Investigate phishing, malware, ransomware, account compromise, insider threat, and unauthorized access incidents. Document incident findings, root cause analysis, and remediation recommendations. Support after-hours cybersecurity response activities when necessary. Endpoint, Identity & Network Security Monitor endpoint security posture and investigate endpoint-related threats. Analyze authentication anomalies including privileged account misuse, impossible travel, MFA anomalies, suspicious logins, and excessive failed authentication attempts. Support Zero Trust security initiatives through continuous monitoring of identity, device, and access risks. Investigate unusual network behavior and lateral movement attempts. Cloud Security Monitoring Monitor cloud security events across Microsoft 365, Azure, SaaS platforms, and enterprise cloud services. Investigate risky cloud behaviors, privilege escalation, abnormal sharing, and unauthorized access attempts. Assist with remediation of cloud security findings and misconfigurations. Vulnerability & Exposure Management Support review of vulnerability scan results and assist with prioritization of remediation activities. Validate remediation of critical vulnerabilities. Monitor exposure trends and recurring weaknesses affecting enterprise systems. Security Automation & Continuous Improvement Assist in developing playbooks and incident response procedures. Support SOAR workflows and automation initiatives. Identify opportunities to improve detection coverage and operational efficiencies. Contribute to lessons learned and continuous improvement activities. Requirements / Basic Qualifications Security Monitoring & Detection : Experience with SIEM platforms such as Microsoft Sentinel, Splunk Enterprise Security, or similar; EDR/XDR solutions such as Microsoft Defender for Endpoint or comparable platforms; security log analysis and event correlation. Identity & Access Security : Experience with identity monitoring in environments such as Microsoft Entra ID, Active Directory, Privileged Access Management systems; authentication threat analysis. Network & Cloud Security : Experience with firewall, DNS, proxy, and network telemetry analysis; familiarity with Zscaler, Microsoft security ecosystem, and cloud security monitoring tools; understanding of SaaS and remote‑access security models. Automation & Response : Proficiency with scripting (PowerShell, Python, or Bash preferred); familiarity with SOAR and security automation initiatives. Preferred Certifications CompTIA Security+ CompTIA CySA+ GCIH AZ-500 CISSP (preferred for senior analyst level) Benefits 401(k) with employer match Health/Dental/Vision insurance plans Paid time off and 10 paid holidays Stock purchase plan EEO Statement We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. #J-18808-Ljbffr