Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Cyber Security Analyst

EXOS

The Cybersecurity Analyst III at EXOS CYBER is the senior technical escalation point of the SOC — the final analyst-tier authority on the hardest, most ambiguous investigations before a case moves into engineering. When Tier 2 has driven an alert as far as standard playbooks and queries allow and still doesn't have a confident answer, it comes to you. You own confirmed, significant incidents end to end across our client environments. You will support day-to-day security operations for our clients with a primary focus on advanced detection, incident response, and threat hunting, working alongside our Cybersecurity Engineers, and Team Lead. Beyond the queue, you set the bar for investigation quality across the SOC. You QA escalations, mentor and develop Tier 1 and Tier 2, build out the investigation curriculum, and partner with engineering on detection strategy at the program level, not just one noisy rule at a time. This is a hands‑on, deeply technical role designed for analysts with 5+ years of experience (or 2+ years past Tier 2) who are ready to operate as the senior individual contributor in a real‑world MSSP detection‑and‑response practice spanning across a diverse client environments. Serve as the Tier 3 technical escalation point in the SOC. Take the incidents that Tier 2 cannot fully resolve, drive them to a definitive answer, and hand only genuinely engineering‑scoped or architecture‑level problems to the Cybersecurity Engineers and Team Lead with a clear, evidence‑backed recommendation and a proposed course of action. Lead confirmed true‑positive incidents end to end across client environments including but not limited to ransomware, business email compromise, account takeover, lateral movement, and data exfiltration including scoping and impact assessment, containment orchestration via SentinelOne, account isolation and credential rotation in Entra ID, eradication and recovery guidance, evidence preservation, root‑cause analysis, and client communication through resolution. Own and run the proactive threat hunting program: develop hypothesis‑driven hunts across the client base using various queries, EDR telemetry, and indicators from CTI feeds; document findings; and feed confirmed patterns back into detection engineering as durable, reusable detections. Perform host, memory, and network forensics (Velociraptor, endpoint and identity artifacts, timeline reconstruction) to establish what happened, when, and how far it went, and to support breach‑notification and legal/insurance coordination when an incident warrants it. Conduct phishing triage and support email‑based threat investigations, including user impact assessment and remediation steps. Partner with the Cybersecurity Engineers and AI Automation Engineer on detection strategy at the program level coverage and gap analysis against MITRE ATT&CK, detection content design, and false‑positive reduction across the fleet rather than one‑off alert tuning. Apply offensive and adversary‑emulation knowledge to inform detection coverage, and support purple team and adversary‑emulation exercises by translating attacker TTPs into detections and validating that controls fire as expected. Analyze endpoint, identity, and network telemetry to identify suspicious activity, lateral movement, and persistence, and lead phishing and email‑based threat investigations through full user‑impact assessment and remediation. Set and enforce investigation quality standards: QA Tier 1 and Tier 2 escalations and case documentation, run walk‑throughs of significant investigations, give kind and direct feedback, and own the Tier 1/Tier 2 onboarding and skills‑development curri Author the analytical narrative for the most complex client deliverables, post‑incident reports, after‑action reviews, and the senior‑analyst portion of monthly client reporting covering what we saw, what it means, and what we recommend, in language a client technical stakeholder can act on. Drive SOC operational maturity by shaping runbook and playbook architecture, investigation checklists, and repeatable workflows, and by mentoring the team toward consistent, defensible outcomes Must Haves 5+ years of experience in a SOC, incident response, MSSP, or security operations role, or 2+ years past a Tier 2 / Analyst II role in a comparable environment. Demonstrated ability to independently lead complex investigations and confirmed incidents to resolution across endpoint, identity, email, and network telemetry — not just triage and elevate. Advanced command of an EDR (SentinelOne, CrowdStrike, or Defender for Endpoint) and a SIEM (Blumira, Sentinel, Splunk, or QRadar) at the query, pivot, and detection‑authoring level. Practical host and network forensics and evidence‑preservation experience, including timeline reconstruction across Windows event logs, Active Directory, Entra ID, firewall, VPN, DNS, and email security logs. Hands‑on proactive threat hunting experience: building and executing hypothesis‑driven hunts and converting findings into detections. Proficient scripting in PowerShell and/or Python for investigation, log parsing, and automation. Working fluency with the MITRE ATT&CK framework for both investigation and detection‑coverage mapping. Strong command of the incident response lifecycle, escalation criteria, and chain‑of‑custody / evidence‑handling practices. Ability to lead under pressure in a multi‑client environment, prioritize across simultaneous active incidents, and maintain quality and clear documentation throughout. Excellent written communication, with the ability to produce client‑ready incident summaries, post‑incident reports, and analytical narratives, and to mentor junior analysts effectively. Solid fundamentals in TCP/IP, DNS, Windows and Linux internals, and identity and access management. Relevant certifications such as CompTIA CySA+, GIAC GCIH/GCIA/GCFA, BTL2, or equivalent demonstrated experience. Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related discipline. Equivalent military training or certifications considered. Advanced certifications such as GIAC GCIA, GCFA, GCFE, GNFA, GCTI, GREM, or BTL2; offensive‑informed credentials (OSCP, CRTO) a strong plus given the role's detection and purple‑team‑support scope. Prior MSSP experience in a multi‑tenant model, including a multi‑tenant PSA/ticketing platform (ConnectWise, Autotask, ServiceNow, or similar). Detection engineering experience: Sigma rules, KQL, and SentinelOne / Blumira query syntax, plus comfort building detections from hunt findings. Experience with SOAR or rules‑based automation and operationalizing playbooks alongside an AI Automation Engineer. DFIR tooling depth (Velociraptor or comparable) and experience supporting legal, insurance, and breach‑notification workflows during major incidents. Vulnerability management and offensive‑output review experience (ConnectSecure, Tenable, Qualys; NodeZero or comparable pentest/attack‑path findings). Experience mentoring or formally developing junior analysts and building SOC training content. #J-18808-Ljbffr

Vacancy posted 6 hours ago
Similar jobs that could be interesting for youBased on the Cyber Security Analyst in Indianapolis, IN vacancy
  • $69.4k - $158k

     ...Job Number: R0243018 Cyber Security Analyst The Opportunity As a security operations center analyst, you're in the middle of the action, responding to and mitigating threats in real time. You're the first line of cyber defense for your organization, and they look to you... 
    Suggested
    Work at office
    Local area
    Remote work
    Shift work

    Phase2 Technology

    Indianapolis, IN
    4 days ago
  • $102.17k - $178.78k

     ...Trinnex is hiring a Senior Cyber Security Analyst to safeguard critical software systems supporting water utilities. The analyst will work at the intersection of cybersecurity and DevSecOps to ensure applications are resilient against threats. This position involves advanced... 
    Suggested

    Trinnex

    Indianapolis, IN
    1 day ago
  • $104k - $156k

     ...Posting Type Remote/Hybrid Job Overview The Advanced Security Engineer is a technically deep, hands-on practitioner who forms the operational backbone of the enterprise security function. Operating within a layered defense-in-depth program, this engineer... 
    Suggested
    Remote work

    Relativity

    Indianapolis, IN
    1 day ago
  • $85k - $101k

    MISO in Carmel, Indiana is seeking an IT Disaster Recovery Analyst II to enhance their Disaster Recovery program. This role involves developing recovery plans, conducting tests, and ensuring compliance with regulatory standards. The successful candidate will partner with... 
    Suggested

    MISO

    Carmel, IN
    1 day ago
  • We are seeking a Disaster Recovery Analyst to support and strengthen our enterprise Information Technology Disaster Recovery program. You’ll help ensure compliance, improve recovery processes, and enhance the resilience of critical technology systems. Responsibilities Developing... 
    Suggested

    Anchor Point Technology Resources

    Carmel, IN
    1 day ago
  • $85k - $101k

    Description MISO is seeking an IT Disaster Recovery Analyst II to support and strengthen our enterprise Disaster Recovery (DR) program. In this role, you'll help ensure compliance, improve recovery processes, and enhance the resilience of critical technology systems. You... 
    Local area

    MISO

    Carmel, IN
    23 hours ago
  •  ...enterprise network. You will configure Cisco routing and Palo Alto firewalls, ensuring operational stability and contributing to network security improvements. The ideal candidate has a degree in IT, Computer Science, or Engineering, or extensive relevant experience. Join us... 

    MISO

    Carmel, IN
    2 days ago
  • $87.7k - $164k

     ...Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security...  ...Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team... 
    Summer holiday
    Local area
    Flexible hours

    Ernst & Young Oman

    Indianapolis, IN
    1 day ago
  • $119k - $144k

    MISO Default Brand is seeking a Network Engineer I to enhance and support a complex enterprise network in Carmel, Indiana. You will be responsible for configurations, troubleshooting, and working with vendors on network initiatives, primarily focusing on Cisco routing and...

    MISO Default Brand

    Carmel, IN
    2 days ago
  •  ...significant growth and are looking for a dynamic and experienced CISO to join our leadership team. Job Summary: The Chief Information Security Officer (CISO) will be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure... 
    Work at office

    Baker Hill

    Carmel, IN
    4 days ago
  • CNO Financial Group, Inc. is seeking a Principal IT Security Architect to shape their enterprise security strategy and architecture. This role covers defining security requirements and leading security architecture efforts across various domains. Ideal candidates will... 
    Remote job

    CNO Financial Group

    Carmel, IN
    23 hours ago
  • $90k - $110k

     ...United States Suitability/Public Trust Fully remote Cyber Security Services Overview GovCIO is currently hiring for an Information Systems Security Officer (ISSO) to support our client's contract needs. The ISSO ensures the confidentiality, integrity, and... 
    Full time
    Contract work
    Currently hiring
    Remote work
    Flexible hours

    GovCIO

    Indianapolis, IN
    23 hours ago
  •  ...standards and structured methodologies. Evaluate existing environments and recommend improvements to performance, reliability, and security. Build strong, trust-based relationships through clear communication and proactive support. Collaborate with peers to drive... 
    Full time

    Designworks Talent LLC

    Indianapolis, IN
    1 day ago
  •  ...Our client, a healthcare organization, is seeking a Clinical Applications Analyst to join their team. As a Clinical Applications Analyst, you will be part of the IT Applications team supporting clinical, pharmacy, and multidisciplinary teams. Job Title: Clinical Applications... 

    Manpower Group Inc.

    Indianapolis, IN
    1 day ago
  •  ...Indianapolis, IN Cybersecurity Analyst Support mission-critical cybersecurity operations for the Defense Finance & Accounting Service...  ...required qualifications listed below. Allyon does not sponsor security clearances and does not offer C2C opportunities for this role.... 
    Full time
    Flexible hours
    Shift work

    Allyon, Inc.

    Indianapolis, IN
    23 hours ago
  • $35.06 - $41.2 per hour

     ...Applications Systems Analyst/Programmer (Master Data Management Team) We have a new opportunity with the State of Indiana – Child...  ...Data Management ~4+ years with SSRS (deployment, scheduling, security) ~1+ year with Atlassian tools (Jira/Confluence) Compensation... 
    Hourly pay
    Contract work
    Monday to Friday

    Inteletech Global Inc.

    Indianapolis, IN
    1 day ago
  • $57.7k - $107.8k

     ...Responsibilities include business/systems analysis, requirements definition and documentation, system design, and problem resolution. The analyst communicates with system end-users to understand issues and implement solutions. Essential Responsibilities Plans, designs/builds,... 
    Work experience placement
    Work at office
    Local area
    Remote work

    Highmark Health

    Indianapolis, IN
    3 days ago
  • $117.1k - $187.3k

     ...closely with Commercial IT leadership, Technology Product Owners, engineering leaders, Enterprise Architecture, Data, ERP, Commerce, Security, and business partners to define target-state CRM architecture, establish architecture guardrails, reduce technical debt, and... 
    Live in
    Local area
    Worldwide

    Cengage Group

    Indianapolis, IN
    1 day ago
  •  ...with product and program teams,establishingarchitectural guardrails, reviewing designs to ensure alignment with target architecture, security, performance, resiliency, and operability standards, supporting both project-centric and product-centric delivery models.... 
    For contractors

    AES Corporation

    Indianapolis, IN
    4 days ago
  •  ...legacy systems with cloud-native platforms. Cloud Architect Certification is a plus Proven track record to design and build scalable, secure, high-availability enterprise systems, leveraging CI/CD pipelines and automated testing frameworks for global user bases. Drive... 
    Work experience placement
    Live in
    Local area
    Worldwide

    Cengage Group

    Indianapolis, IN
    23 hours ago
  • $94.1k - $170k

     ...across the full lifecycle of cloud-based services-including infrastructure, application development, testing, and operations-ensuring secure, scalable, and efficient integration of enterprise applications on multitenancy as appropriate. The engineer supports customer-... 
    Contract work
    Work at office

    ASM Research, An Accenture Federal Services Company

    Indianapolis, IN
    3 days ago
  •  ...Summary Summary: The Application Analyst contributes to the installation, configuration, and maintenance of enterprise-level software...  ...documentation creation are key aspects for the role with a focus on security and staying current with industry trends. Responsibilities... 
    Permanent employment
    Temporary work
    Work at office
    Local area

    Barnes & Thornburg

    Indianapolis, IN
    1 day ago
  •  ...Applications, Computer Information Systems, Computer Science or related, Math, any Engineering, or Business related. 2 years as a Programmer Analyst, Programmer or related. In lieu of a Bachelor's degree or foreign equivalent in Computer Science or related, any Engineering, or... 
    Work experience placement
    Relocation

    Pyramid Technology Solutions

    Indianapolis, IN
    3 days ago
  •  ...A leading healthcare organization in Indianapolis is seeking a Revenue Cycle EDI Systems Analyst to support and enhance revenue cycle systems. The analyst will be responsible for ensuring compliance with regulatory requirements, monitoring billing metrics, and collaborating... 
    Remote work

    Humana

    Indianapolis, IN
    23 hours ago
  • $115.8k - $202.7k

     ...technology deliverables by contributing to and communication of standards and best practices for development, quality assurance, security, and service on-boarding Keep current with industry trends (including solution architecture frameworks and patterns, emerging... 
    Minimum wage
    Local area
    Remote work
    Night shift

    Marsh LLC

    Indianapolis, IN
    23 hours ago
  •  ...Chief Information Security Officer (CISO), Growth About the Company Accomplished provider of top-tier security services Industry Security and Investigations Type Privately Held About the Role The Company is seeking a Chief Information Security... 

    Confidential

    Indianapolis, IN
    2 days ago
  •  ...Chief Information Security Officer (CISO) About the Company Trusted provider & publisher of consumer insights about car models &...  ...CISO) to take on an enterprise-level leadership role in global cyber security, information risk, and resilience. The CISO will be responsible... 

    Confidential

    Indianapolis, IN
    14 hours ago
  • $60.8k - $82.9k

     ...Become a part of our caring community As a Revenue Cycle EDI Systems Analyst , you will report to the VP, RCM. You will be responsible for supporting, monitoring, and optimizing revenue cycle systems utilized by the FSU. You will ensure accurate and timely billing... 
    Bi-weekly pay
    Full time
    Temporary work
    Apprenticeship
    Work at office
    Remote work
    Home office

    CenterWell

    Indianapolis, IN
    23 hours ago
  • $120k - $150k

     ...healthcare. Guided by our mission to make the world’s health data secure, accessible and actionable, we provide critical data solutions...  ...are seeking a highly skilled and experienced Senior Systems Analyst – Oracle HCM to join our HRIT team. This individual will be a... 

    Datavant

    Indianapolis, IN
    4 days ago
  • $66.79k - $125k

     ...continuous professional development. We are seeking for a Systems Analyst to join our team. The Collections Coordinator performs daily...  ...transitions and alignment with the Firm's enterprise architecture, security standards, and operational goals. This position is ideal for... 
    Work experience placement
    Local area

    Cherry Bekaert

    Indianapolis, IN
    23 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Cyber Security Analyst. Be the first to apply!