Cyber Security Analyst (US Based)

Please Note: Please note that we are unable to offer employment sponsorship for this position now or in the future. Candidates must have unrestricted work authorization (U.S. citizen, green card holder, or permanent resident). Unfortunately, we cannot consider applicants requiring visa or OPT sponsorship.

Cytel is seeking a Cyber Security Analyst to support and enhance the organization's information security operations. This role is responsible for monitoring, investigating, and responding to security events across a modern, cloud-first environment. The analyst will work closely with IT and security teams to protect corporate systems, research data, and client information, while contributing to a mature, evolving security program in a regulated industry.

The Cyber Security Analyst will monitor security tools and platforms for suspicious activity across endpoints, networks, and cloud environments. They will triage and analyze alerts generated by detection platforms and other integrated security tools, determining alert severity, scope, and appropriate responses.

A central responsibility of this role is to conduct and support security investigations. The analyst will investigate security events and incidents by analyzing logs, endpoint telemetry, identity activity, and network data. They will correlate data across multiple sources, including login records, VPN, endpoint protection, email systems, and others, to establish timelines and identify root causes and impacts. Findings must be clearly documented, with appropriate escalation of confirmed or high-risk incidents.

The analyst will participate in incident response activities, including containment, eradication, and recovery efforts, in accordance with established procedures and playbooks. They will maintain accurate case records and contribute to post-incident reviews to improve detection and response capabilities.

This role also includes supporting vulnerability management efforts by reviewing scan results, tracking remediation, and working with IT teams to address identified risks. The analyst will assist with security audits, access reviews, and compliance activities required in a regulated clinical research environment.

The individual will contribute to the continuous improvement of detection use cases, investigation workflows, and overall security posture. Over time, the analyst is expected to assume greater ownership of investigations and proactively identify opportunities to strengthen defenses.

Please Note: 3-5 years of relevant professional experience within the applicable field is the minimum requirement. Also, candidates must be legally authorized to work in their country of employment without sponsorship. We are unable to provide employment sponsorship now or in the future, including work visas, employment authorization support, or visa transfers. Unfortunately, we cannot consider applicants requiring visa or OPT sponsorship.

Candidates should have a bachelor's degree in cybersecurity, Information Technology, Computer Science, or a related field, or equivalent practical experience.

A solid understanding of security operations concepts is required, including threat detection, incident investigation, log analysis, and response methodologies. Hands-on experience with endpoint detection and response platforms and SIEM solutions is expected.

Experience working in a Microsoft Azure environment is required, including familiarity with Azure AD, identity security, and cloud-based logging and monitoring. Strong knowledge of Windows operating systems is required, with working knowledge of networking fundamentals.

Candidates must demonstrate strong analytical and investigative skills, the ability to correlate data across systems, and the ability to clearly document findings. Effective communication skills are essential for working with both technical and non-technical stakeholders.

Relevant certifications such as Security+, SC-200, AZ-500, or similar are preferred. CISSP is a plus.

Preferred Qualifications

Experience with CrowdStrike Falcon and Secureworks Taegis is strongly preferred. Familiarity with Microsoft security tooling, such as Defender for Endpoint, Defender for Identity, and Sentinel, is advantageous.

Exposure to scripting or automation using PowerShell is beneficial. Experience in a regulated environment such as healthcare, biotech, or clinical research is a plus.

Experience with investigating security events and incidents by analyzing logs, endpoint telemetry, identity activity, and network data

Cytel Inc. is an Equal Employment / Affirmative Action Employer. Applicants are considered for all positions without regard to race, color, religion, sex, national origin, age, veteran status, disability, sexual orientation, gender identity or expression, or any other characteristics protected by law.