Job Description

Job Description

Job Description

The Cybersecurity Analyst is responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats and incidents. This position supports the organization's defense posture by leveraging Microsoft 365 Defender, Microsoft Purview, Azure security tools, and a SIEM platform. The role is aligned with the NIST NICE Cybersecurity Workforce Framework, specifically the System Security Analyst (Work Role ID: PR-CDA-001), and focuses on protecting information systems through analysis, incident response, and threat mitigation activities. Responsibilities • Monitor Security Information and Event Management (SIEM) platforms, including Microsoft Sentinel, for alerts, anomalies, and indicators of compromise (IOCs).
• Investigate and triage security incidents using data from Microsoft Defender for Endpoint, Microsoft 365 Defender (Office 365, Identity), Microsoft Purview, cloud firewalls (e.g., Meraki, Azure), and Web Application Firewalls (WAF).
• Identify, assess, and track vulnerabilities across assets using internal and third-party tools; work with system owners to ensure timely remediation.
• Document and report security incidents with clear findings, severity ratings, impact assessments, and remediation recommendations.
• Collaborate across IT, infrastructure, and cloud teams to contain threats, execute incident response actions, and support system recovery efforts. Conduct forensic analysis and advanced threat investigations using KQL queries, audit logs, and endpoint telemetry to determine scope, impact, and attribution.
• Tune detection rules and analytics in SIEM and other security platforms to improve fidelity, reduce false positives, and address evolving threat actor tactics.
• Contribute to the development and refinement of security policies, alert logic, response playbooks, and standard operating procedures.
• Support compliance and audit readiness by monitoring Data Loss Prevention (DLP) policies, insider risk signals, and access control logs.
• Stay current on emerging threats, MITRE ATT&CK techniques, vulnerability disclosures (CVEs), and relevant threat intelligence. Execute assigned projects related to security improvements, risk mitigation, and process optimization.
• Perform other duties assigned to support organizational security objectives. Required Skills EDUCATION

• Bachelor’s degree in computer technology, security or similar field preferred
  Relevant security certifications preferred (e.g., Security+, CySA+, SC-200, GCIH, GCIA)

• A minimum of 4 years of experience in cybersecurity as a security analyst or in a similar technical role

• Proficiency with various security tools: Defender XDR, Purview, Entra ID, and M365 audit logs
• Strong understanding of cybersecurity principles, intrusion detection, and incident response processes
• Experience with SIEM technologies and log analysis tools
• Understanding of cloud and hybrid environments, including Azure IaaS/PaaS
• Ability to write technical documentation, incident reports, and security assessments
• Superb time management skills; meets deadlines
• Excellent organizational skills with ability to prioritize tickets and tasks; balances support tickets vs. security projects
• Adaptability: Adapts to changes in the work environment; manages competing demands; adjusts approach as needed to fit the situation

• Travel to the Bannockburn IL office on a quarterly basis
• Work environment – Fast-paced, collaborative, and dynamic work environment with a focus on teamwork and meeting tight deadlines
• Hours – 8am to 5pm; after hours work as needed, emergency on-call for security incidents

Job Tags

Similar Jobs