This is a remote position.
We are seeking a highly skilled and experienced Cybersecurity Analyst to join our team. The ideal candidate will have 5-8 years of hands-on experience in cybersecurity, risk assessment, and threat mitigation. This role requires expertise in security operations, incident response, vulnerability management, and compliance with industry security standards.
Monitor, detect, and respond to security incidents using SIEM tools and other security monitoring solutions.
Conduct vulnerability assessments, penetration testing, and risk analysis to identify potential threats.
Implement and enforce security policies, procedures, and best practices.
Investigate security breaches, analyze attack patterns, and recommend remediation measures.
Perform forensic analysis to determine the root cause of security incidents.
Manage security tools and technologies, such as firewalls, IDS/IPS, antivirus, and endpoint detection solutions.
Ensure compliance with regulatory requirements such as NIST, ISO 27001, HIPAA, PCI-DSS, and GDPR.
Collaborate with IT teams to develop security strategies and implement security enhancements.
Conduct security awareness training and educate employees on cybersecurity best practices.
Document security incidents, risk assessments, and policy updates.
5-8 years of experience in cybersecurity, information security, or a related field.
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related discipline (or equivalent experience).
Proficiency in security tools such as Splunk, Wireshark, Nessus, Qualys, Palo Alto, CrowdStrike, or similar technologies.
Hands-on experience with incident response, threat hunting, forensic analysis, and penetration testing.
Strong understanding of network security, encryption, access control, and cloud security principles.
Familiarity with regulatory and compliance frameworks such as NIST, ISO 27001, SOC 2, HIPAA, PCI-DSS, and GDPR.
Experience with scripting and automation using Python, PowerShell, or Bash is a plus.
Strong analytical, problem-solving, and communication skills.
Industry certifications such as CISSP, CISM, CEH, GIAC, or Security+ are highly desirable.
Experience in cloud security (AWS, Azure, or Google Cloud Platform).
Knowledge of zero trust architecture and zero-day threat mitigation.
Experience working in a Security Operations Center (SOC) environment.
Familiarity with DevSecOps practices and secure coding methodologies.