Cyber Security Analyst - Hybrid
Company: CyberThink Inc.
Location: Phoenix, AZ 85032
Job Description:
As a Cyber Security Analyst, you will be a key member of the Security Operations Center (SOC), participating in 24x7x365 monitoring, analysis, and incident response for information security threats. This role includes responding to incidents related to malware, policy violations, and advanced persistent threats, as well as supporting threat intelligence, risk management, and forensic efforts. You will work closely with DevOps, IT, and security teams to ensure secure cloud configurations and improve the organization's overall security posture.
Key Responsibilities:
- Monitor and analyze alerts from cloud security tools including AWS Security Hub, Microsoft Defender for Cloud, and Google Chronicle.
- Investigate and respond to potential security incidents within cloud environments.
- Perform log analysis using SIEM tools such as Splunk and Google SecOps.
- Lead and coordinate responses to cloud-related incidents, including containment, remediation, and root cause analysis.
- Create detailed incident reports and recommend preventive measures to reduce future risks.
- Assess and improve cloud security posture using tools such as Prisma Cloud, AWS Config, and Azure Security Center.
- Identify and remediate cloud misconfigurations and potential security gaps.
- Develop and implement custom detection rules and scripts to enhance threat detection capabilities.
- Collaborate with DevOps, IT, and security teams to ensure secure cloud configurations and practices.
- Provide guidance and training to junior analysts on cloud security best practices.
- Support audits and maintain compliance with CIS, NIST, and ISO 27001 frameworks.
- Maintain dashboards and produce regular reports for senior management on security metrics and incident trends.
Required Skills, Experiences, Education, and Competencies:
- 3-5 years of experience in cybersecurity, including at least 2 years in cloud security or SOC roles.
- Hands-on experience with one or more cloud platforms: AWS, Azure, or Google Cloud Platform (GCP).
- Experience with Cloud Security Posture Management (CSPM) tools, including Prisma Cloud.
- Proficiency with SIEM tools and cloud-native security solutions.
- Strong knowledge of security frameworks such as MITRE ATT&CK, NIST CSF, and CIS Benchmarks.
- Familiarity with scripting languages, including Python, PowerShell, or Bash.
- CompTIA Network+ and Security+ certifications or equivalent experience.
- In-depth knowledge of packet structure and experience performing packet analysis.
- Thorough understanding of information security best practices and technologies.
- Detailed knowledge of securing, administering, and exploiting common operating systems.
- Experience analyzing logs from security devices such as firewalls, routers, proxies, anti-virus tools, and operating systems.
- Strong proficiency with Windows and Unix/Linux command line operations.
- Knowledge of obfuscation techniques used in malicious traffic and data encryption.
- Familiarity with standardized incident response frameworks like SANS and NIST.
- Analytical approach with experience in event classification, correlation, and root cause analysis.
- Ability to react quickly, decisively, and effectively in high-stress situations.
- Strong ethical standards and core values, with a passion for continuous learning.
- Strong verbal and written communication skills for documenting findings and escalating incidents.
- Self-disciplined, highly motivated individual capable of working independently with minimal supervision.
- Preferred certifications include AWS Certified Security Specialty, Microsoft Azure Security Engineer Associate, CCSK, CCSP, or equivalent.
- Experience with automation tools such as Terraform, Ansible, or CI/CD pipelines.
- Knowledge of Zero Trust and micro-segmentation principles is a plus.
The hourly range for roles of this nature is $50.00 to $80.00/hr. Rates are heavily dependent on skills, experience, location, and industry.
cyberThink is an Equal Opportunity Employer.