About the Role
We're looking for a Cybersecurity Analyst to join our team as a mid-level resource within our cybersecurity operations. This role goes beyond alert triage: you'll take ownership of end-to-end incident handling, support active breach response, drive continuous improvements in our security posture, and ensure our organization stays compliant with key cybersecurity policies and vendor risk standards.
You'll act as a critical bridge between the security operations center (SOC), compliance, and executive leadership, bringing both technical depth and policy fluency to the table.
Key Responsibilities
Incident Detection & Response
- Triage, investigate, and respond to SOC alerts from SIEM, EDR, firewall, and email security platforms.
- Lead or assist in active breach investigations, containment, eradication, and recovery.
- Conduct root cause analysis and document lessons learned from security incidents.
- Develop and refine incident response runbooks and playbooks.
Security Risk & Compliance
- Complete cybersecurity questionnaires and vendor risk assessment forms for clients, partners, and regulators.
- Support compliance with industry frameworks (e.g., NIST CSF, CIS Controls, ISO 27001).
- Monitor and assess third-party risk based on vendor security posture and data access.
Governance & Policy
- Write, review, and maintain cybersecurity policies, procedures, and standards.
- Contribute to security awareness training initiatives and documentation.
Continuous Improvement
- Identify gaps in tools or procedures and recommend new controls or solutions.
- Provide mentorship to Tier I/II analysts and assist in refining escalation paths.
- Collaborate with IT and DevOps teams on secure configurations and system hardening.
Required Qualifications
- 5+ years of cybersecurity experience, including at least 2 years in an incident response or SOC role.
- Strong familiarity with SIEMs, EDR platforms (e.g., CrowdStrike, SentinelOne), and email security gateways.
- Solid understanding of threat actors, tactics, techniques, and procedures (TTPs).
- Experience completing cyber risk assessments or security questionnaires.
- Demonstrated experience writing or editing cybersecurity policies.
- Excellent verbal and written communication skills, especially when translating technical issues to non-technical stakeholders.
Preferred Qualifications
- Certifications: CISSP, GCIA, GCIH, or similar.
- Experience in a managed service or multi-tenant environment.
- Familiarity with compliance standards such as HIPAA, SOC 2, or PCI-DSS.
- Scripting or automation experience (PowerShell, Python, etc.) is a plus.
What We Offer
- A fast-paced, mission-driven environment where cybersecurity is taken seriously.
- Opportunities to lead breach response and drive security improvements.
- Competitive salary, benefits, and potential for career growth.
Date Posted: 10 May 2025