Job Description:
Primary Objectives:
Assist in monitoring and analyzing security events using SIEM & EDR tools.
Support vulnerability management activities, including scanning, tracking, and coordinating remediation efforts across systems and applications.
Participate in identity-related incident investigations, including unauthorized access, account compromise, and privilege misuse.
Contribute to the development and enforcement of security policies and procedures.
Document findings, actions, and lessons learned from security incidents.
Stay current with emerging threats, vulnerabilities, and industry best practices.
Major Areas of Accountability:
Security Monitoring & Incident Response
Monitor security alerts and logs using SIEM and other tools.
Escalate and assist in triaging security incidents.
Participate in incident investigations and contribute to root cause analysis and reporting.
Security Tools & Infrastructure Support
Assist in maintaining and tuning security tools (e.g., EDR/MDR, RMM).
Support deployment and configuration of new security technologies.
Help ensure tools are integrated and functioning as expected.
Identity & Access Incident Remediation
Investigate identity-related incidents such as unauthorized access, account compromise, and privilege misuse.
Support implementation of identity protection measures (e.g., MFA, conditional access policies).
Endpoint Remediation
Perform hands-on remediation of individual servers and workstations, including patching, malware removal, and configuration fixes.
Collaborate with desktop support and infrastructure teams to ensure secure endpoint configurations.
Document remediation actions and update asset records accordingly.
Policy & Awareness Support
Contribute to the development and enforcement of security policies and standards.
Assist in delivering security awareness training and phishing simulations.
Provide feedback on user behavior and recommend improvements to awareness programs.
Documentation & Reporting
Maintain accurate records of incidents, vulnerabilities, and remediation activities.
Prepare reports for internal stakeholders on security posture and incident trends.
Document procedures and contribute to knowledge base articles.
Other duties
Follow existing incident, problem, request, and change management processes, and provide continual feedback to simplify and improve existing processes.
Education:
Associate's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
Experience:
2 or more years of experience working in a cybersecurity analyst / engineer role or equivalent role.
Security+ certification
Robust communication skills (verbal, written, and presentation skills)
Travel Requirements:
As needed