Cybersecurity Analyst

Position Overview

We are seeking a highly skilled Cybersecurity Analyst to lead and mature our organization’s security posture with a strong emphasis on the Microsoft Security ecosystem, user security awareness, disaster recovery, vulnerability management, patch management and security documentation. This role prioritizes threat prevention, detection, identity protection, endpoint security, compliance alignment, and continuous employee education. Infrastructure responsibilities exist only as needed to support security objectives.

The ideal candidate will serve as the organization’s security owner, driving policy, tooling optimization, user education, and incident readiness while partnering closely with IT operations and leadership.

Key Responsibilities

Cybersecurity Operations (55%)

• Implement, configure, tune, and maintain the Microsoft Security Stack, including:

o   Microsoft Defender for Endpoint, Office 365, Identity, and Cloud Apps

o   Microsoft Sentinel (SIEM/SOAR) – log ingestion, analytics rules, workbooks, and automation

o   Microsoft Purview – Data Loss Prevention (DLP), information protection, and retention

o   Microsoft Entra ID (Azure AD) – identity protection, conditional access, and Privileged Identity Management (PIM)

o   Intune / Endpoint Security Policies – device compliance, attack surface reduction, and application control

• Develop and maintain Zero Trust security architecture across identity, device, network, and application layers.
• Work closely with the SOC to monitor security telemetry, investigate alerts, perform root-cause analysis, and lead incident response activities.
• Execute internal security-related IT and operational projects while also participating as a project team member on broader organizational projects.
• Maintain automated security workflows using Sentinel playbooks, Power Automate, and scripting where appropriate.
• Conduct vulnerability management activities, penetration testing, security posture reviews, and continuous improvement initiatives.
• Partner with IT and business teams to embed security into new projects, cloud workloads, and application deployments.
• Evaluate third-party vendor risk related to cybersecurity.
• Maintain security baselines aligned with CIS, NIST, and Microsoft best practices.
• Collaborate with team members and stakeholders on solutions and designs that align with best practices.

Security Awareness, Training & User Education (20%)

• Administer the KnowBe4 Security Awareness platform, including:

o   Phishing campaigns

o   Training assignments

o   Risk scoring

o   Executive and compliance reporting

• Analyze user behavior trends and continuously improve training effectiveness.
• Maintain and enhance end‑user security knowledge documentation, including:

o   Phishing identification and reporting

o   Password and MFA best practices

o   Data handling and privacy guidelines

o   Remote work security

o   Device security expectations

• Create easy-to-consume knowledge base articles, quick-reference guides, and internal security bulletins.
• Conduct internal security awareness campaigns and tabletop exercises.

Governance, Risk & Compliance (15%)

• Assist with the creation, review, and enforcement of security policies, including acceptable use, access control, data protection, and incident response.
• Support audits and assessments against frameworks such as:

o   NIST CSF / 800-53

o   CIS Controls

o   HIPAA / healthcare security alignment

• Maintain evidence, reporting, and metrics for leadership visibility.
• Track remediation of security findings and risks.

Infrastructure Support (10%)

• Provide limited infrastructure support strictly related to security enablement, visibility, and risk reduction.
• Support secure network segmentation, firewall policy review, and secure cloud connectivity.
• Assist with escalated incidents where security and infrastructure intersect.
• Collaborate with the Infrastructure team on disaster recovery and business continuity initiatives.

Required Qualifications

• 5 years of experience in enterprise cybersecurity operations and security monitoring environments.
• Strong hands-on experience with the Microsoft Security ecosystem:

o   Defender suite

o   Sentinel

o   Entra ID

o   Intune

o   Purview

• Experience managing endpoint security and identity security at scale.
• Demonstrated experience running security awareness programs (KnowBe4 preferred).
• Ability to write clear, user-friendly security documentation and training material.
• Strong incident response and investigation skills.
• Experience with PowerShell or automation preferred.
• Excellent communication skills with both technical and non-technical audiences.

Preferred Qualifications

• Microsoft certifications:

o   SC-200, SC-300, SC-400, AZ-500, MD-102

• Security certifications:

o   Security , CySA , CISSP, CISM, CEH

• Experience with SOAR automation and threat hunting.
• Experience integrating third-party security tools into Microsoft Sentinel.

What We Offer

• Competitive compensation and benefits
• A hybrid work environment
• Certification and professional development support
• Opportunity to own and mature an enterprise security program
• Strong executive visibility and impact
• Collaborative and forward-thinking IT culture
• Perform other job duties as assigned

Equal Opportunity Employer

We are committed to creating a diverse and inclusive workplace and encourage applications from all qualified individuals. This role requires regular, ongoing in‑office presence. Employees are expected to work onsite, which includes non-company locations where we conduct business, the majority of the time to support collaboration, productivity, and business operations according to the schedule set by supervisors and/or branch management.

This job description is not intended to create a contract of employment. It provides a general overview of the primary duties and responsibilities of the position but does not (and cannot practically) represent an exhaustive or comprehensive list. Duties, responsibilities, and requirements may change or be assigned at any time based on business needs, and the company reserves the right to modify this description accordingly.