Senior Cyber Security Analyst

We are seeking a highly capable Senior Cyber Security Analyst who will support the security operation center as part of a distributed enterprise IT team. This role requires a strong technical foundation across hybrid on-premises and cloud infrastructure, a high degree of responsibility, IT security disciplines, and the ability to operate in a fast-paced, compliance-driven environment. Lead and execute advanced security monitoring, incident response, threat hunting, and risk-reduction activities to protect company assets, systems, and information data. Coordinate with cross-functional teams to improve security posture across the enterprise.

Key Responsibilities:

• Security monitoring & detection: Design, tuning, maintain IDS/IPS, SIEM, EDR, and log collection pipelines to detect advanced threats.
• Incident Response: Establish and implement an operational incident-handling capability for organizational systems, encompassing preparation, detection, forensic collection, analysis, containment, eradication, recovery, user response, and post-incident root-cause analysis. Track and document incidents, produce reports and recommendations, notify relevant authorities, and conduct tests of the organization's incident response capability.
• Threat hunting & intelligence: Proactively hunt for threats across networks, endpoints, cloud, and applications using threat intelligence, YARA rules, KQL queries, and custom tooling.
• Vulnerability management: Coordinate regular vulnerability scanning, assess risk, prioritize remediation, and validate fixes.
• Risk assessment & remediation: Conduct risk assessments, threat modeling, and security reviews for systems, applications, and projects; propose mitigations and track remediation.
• Security architecture & controls: Advise on secure design and configuration for onpremises infrastructure and cloud (Azure/AWS), network, identity, and application layers; implement security controls and hardening.
• Automation & tooling: Develop automation (playbooks, SOAR, scripts) to streamline detection, response, and reporting. on-premises
• Compliance & governance: Support audits and regulatory compliance programs (e.g., CMMC, NIST 800-171, DFARS 7012) by providing evidence, mapping controls, and remediation tracking.
• Metrics & reporting: Define and report key security metrics (MTTD, MTTR, incident counts, vulnerability trends); brief technical and executive stakeholders.
• Collaboration: Work with Enterprise IT, DevOps, HR, legal, and business units to integrate security into product/programs, change management, and release processes.

Qualifications:

• 12 years of hands-on experience in security operations, incident response, threat hunting, or related roles.
• Strong knowledge of SIEM or logging platform (e.g., Splunk, Elastic, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender), and network security tooling.
• Experience with hybrid on-premises/cloud security environments using AWS/Azure and securing physical systems, virtual machines, and containers.
• Proficiency with one or more scripting languages (Bash, Python, PowerShell, or Perl) and building detection queries.
• Solid understanding of TCP/IP, DNS, HTTP, SSL/TLS, authentication protocols (OAuth, SAML), and common attack vectors.
• Solid understanding of MITRE ATT&CK framework/Cyber Kill Chain.
• Familiar with vulnerability scanning tools (Tenable/Nessus, Qualys), and remediation reporting workflows.
• Familiarity with FedRAMP controls and cloud security frameworks (AWS, Azure, or hybrid on-premises/multi-cloud environments).
• Incident response and digital forensics experience.
• Excellent analytical, communication, and stakeholder management skills.
• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or 7 years equivalent relevant experience (or relevant certifications).
• Knowledge of DISA STIGS, CIS benchmarks, STIG Viewer, and SCAP Compliance Checker.

Preferred Qualifications:

• Certifications: Security , CySA , CEH, CASP /SecurityX, CISSP, or equivalent.
• Experience with SOAR platforms (Palo Alto Networks, Splunk, Elastic).
• Familiarity with compliance frameworks (CMMC, NIST 800-171, NIST 800-53, DFARS).
• Prior experience in a SOC, MSSP, or large enterprise environment.

Physical and Mental Demands:

• The physical and mental demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform these functions.
• Ability to remain in a stationary position and operate a computer for extended periods.
• Occasional ability to move or transport items up to 25 pounds.
• Communicate effectively in English (verbal, written) and possess visual and auditory acuity for tasks and safety.
• Manage multiple tasks, prioritize, and maintain focus in dynamic environments.
• Demonstrate strong problem-solving, critical thinking, and analytical skills.
• Maintain consistent attendance, punctuality, and high professional standards.