Security Analyst

Job Title: Security Analyst
Location: Tallahassee, FL (Hybrid – Onsite Remote)
Job Type: Contract / Full-Time 
Experience Level: Mid-Level (3 years preferred)

Job Summary

We are seeking a Security Analyst to support enterprise security operations. This role will focus on monitoring, detection, investigation, and response across a variety of security platforms, with a strong emphasis on Microsoft Defender XDR and incident response lifecycle management.

This is a hybrid role based in Tallahassee, FL, requiring a mix of onsite and remote work depending on project needs.

Key Responsibilities

• Monitor security platforms (SIEM, EDR, cloud-native tools) for indicators of compromise (IOC) and indicators of attack (IOA)
• Utilize Microsoft Defender XDR (Endpoint, Cloud Apps, Identity, Office 365) for threat monitoring, analysis, and response
• Investigate and triage phishing incidents, including user-reported submissions
• Perform Identity & Access Management (IAM) analysis, including risky users and sign-in events
• Conduct in-depth investigations of security alerts and escalate or resolve incidents per procedures
• Support the full incident response lifecycle: detection, containment, eradication, recovery, and reporting
• Maintain and optimize detection rules, alerts, and automation to improve accuracy and reduce false positives
• Follow strict escalation and change management protocols
• Document incidents, including after-action reports and lessons learned
• Monitor and remediate vulnerabilities across software and hardware systems
• Assist in developing and implementing security policies, procedures, and risk analysis reports
• Evaluate and recommend security tools and technologies
• Provide knowledge transfer and technical training to IT support staff as needed
• Ensure compliance with organizational IT standards, policies, and procedures
• Track and document work hours by assigned tasks

Required Qualifications

• 3 years of experience in cybersecurity, security operations, or SOC environment
• Hands-on experience with SIEM and EDR tools
• Strong experience with Microsoft Defender XDR suite
• Experience with incident response and threat analysis
• Knowledge of phishing analysis and email security threats
• Familiarity with Identity & Access Management and Azure AD sign-in risk analysis
• Experience with vulnerability management and remediation
• Strong documentation and reporting skills

Preferred Qualifications

• Experience in government or regulated environments
• Knowledge of security frameworks (NIST, CIS, etc.)
• Familiarity with cloud security (Azure preferred)
• Relevant certifications (Security , CySA , CEH, etc.)

This position is open to direct applicants only.