Cloud MDR Analyst SkillBridge Intern (Hybrid Shift M-F 12 PM - 8 PM ET)

Remote Full-time
Blackpoint Cyber is the leading provider of world-class cybersecurity threat hunting, detection and remediation technology. Founded by former National Security Agency (NSA) cyber operations experts who applied their learnings to bring national security-grade technology solutions to commercial customers around the world, Blackpoint Cyber is in hyper-growth mode, fueled by a recent $190m series C round.

Why Blackpoint?
Ready to give some hackers hell? On the Blackpoint Cyber Team, we win the unfair fight while helping others protect what's most important to them. Simply put, our team takes out the adversaries before they see us coming. Join us today and help put the bad guys in their place for good.
Blackpoint Cyber was built by former US Department of Defense and Intelligence security experts focused on stopping malicious tradecraft and safeguarding MSP operations. Our mission? Provide absolute and unified Managed Detection and Response services to organizations across the world.

Company Culture
On this team, we value high-quality execution, ownership, and strong morals. With us, principles are never tested, and we are proud to always do right by our customers. If you're a driven professional with a passion for learning and contributing towards the best, then Blackpoint welcomes you. Our team is energetic and collaborative, maintaining a high-performance culture and enabling growth through overcoming challenges in the modern cyberthreat landscape.

Please only apply if you are eligible for SkillBridge and able to work our Hybrid Shift (Mon - Fri 12 PM - 8 PM ET)

TO BE ELIGIBLE FOR DOD SKILLBRIDGE JOB OPPORTUNITES, YOU MUST BE AN ACTIVE MEMBER OF THE U.S. MILITARY WITH 180 DAYS OF SERVICE OR FEWER REMAINING PRIOR TO YOUR DATE OF SEPARATION AND HAVE AT LEAST 180 CONTINUOUS DAYS OF ACTIVE SERVICE

What You'll Do
Blackpoint Cyber is seeking a Cloud MDR Analyst with demonstrated experience in Security Operations and Cloud Security to join our Threat Operations Center. In this role, you will be a frontline defender of our clients' cloud environments — monitoring, investigating, and responding to threats targeting Microsoft 365, Google Workspace and Cisco Duo as part of our Cloud Response capability. You will work alongside seasoned MDR analysts in a 24×7×365 environment to detect and neutralize adversaries operating within SaaS and cloud-native attack surfaces before they can cause harm.

How You'll Make an Impact
• Monitor and analyze anomalous behavior across Microsoft 365, Google Workspace and Cisco Duo environments, including suspicious sign-ins, OAuth application abuse, mailbox rule manipulation, data exfiltration indicators, and identity-based attacks
• Follow standardized Cloud Response playbooks to triage, escalate, and respond to security events across SaaS platforms, including account containment, session revocation, and admin remediation actions
• Investigate cloud-specific attack techniques such as Business Email Compromise (BEC), adversary-in-the-middle (AiTM) phishing, OAuth consent grant abuse, and privilege escalation via misconfigured cloud permissions
• Collaborate with Senior Analysts to research and investigate emerging cloud threat tradecraft and contribute recommendations for new detection logic targeting M365 and Google Workspace telemetry
• Proactively identify and mitigate false positives across cloud alert pipelines by working with senior analysts to suppress noisy or low-fidelity detections
• Collaborate with customers to review cloud security incidents and assist with detection, prevention, and mitigation strategies — including guiding clients through Microsoft Secure Score improvements and Google Workspace security posture reviews
• Leverage cloud-native audit logs — including Microsoft Unified Audit Log, Azure AD Sign-in Logs, and Google Workspace Admin Reports — to reconstruct attacker timelines and scope incidents
• Bring your observant and curious mindset to cloud investigations and security events!

What You'll Bring
• Motivation and drive to work in a fast-paced and dynamic external SOC environment with a focus on cloud and SaaS security
• Minimum of 1-2 years of experience in an information security role; progressive relevant training and/or certification may be substituted for one year of the experience requirement
• Experience working in a SOC with cloud incident exposure preferred
• Working knowledge of Microsoft 365 security features including Microsoft Defender for Office 365, Microsoft Defender for Identity, Microsoft Entra ID (Azure AD), Conditional Access Policies, and the Microsoft Unified Audit Log
• Familiarity with Google Workspace security capabilities including Google Workspace Admin Console, Context-Aware Access, DLP policies, and Google Workspace Audit & Investigation Tool
• Understanding of cloud identity attack vectors such as credential stuffing, MFA bypass techniques (AiTM, SIM-swapping), OAuth phishing, and token theft
• Some knowledge of cloud-adjacent tradecraft including Living off the Land techniques applied to cloud environments, lateral movement via federated identity, and cloud persistence mechanisms
• Excellent problem-solving skills, critical thinking, and analytical skills with the ability to deconstruct issues and hunt anomalous patterns in cloud telemetry
• Excellent verbal and written communication skills to effectively summarize and present cloud incident findings to both technical and non-technical stakeholders
• Ability to work independently or as a member of a team in a shift-based environment
• Experience with CTF platforms or cloud security labs such as TryHackMe, PwnedLabs, or Microsoft Learn security paths are a plus

What We Can Do For You
• Exposure to nation-state grade MDR with hands-on response capability across Microsoft 365 and Google Workspace — the cloud platforms most targeted by modern adversaries
• Intensive training program designed by SOC leadership, including cloud-specific onboarding tracks covering M365 Defender, Entra ID, and Google Workspace forensics to ensure you are set up for success
• Empowering you to upskill in areas like Cloud Threat Hunting, Identity & Access Abuse detection, and SaaS Security Posture Management (SSPM) — we love seeing analysts automate cloud log enrichment or contribute to the team's detection knowledge base
• Growth opportunities within a rapidly expanding Cloud Response capability that is only going to get bigger and smarter as adversaries continue to shift their focus to cloud and SaaS environments
Blackpoint Cyber welcomes and encourages applications from qualified individuals of all races, colors, religions, sex, sexual orientation, gender identity or expression, national origin, age, marital status, or any other legally protected status. We are committed to equality of opportunity in all aspects of employment. For eligible employees in the US, Blackpoint offers competitive Health, Vision, Dental, and Life Insurance plans, a robust 401k plan, Discretionary Time Off, and other minor perks.

Apply To This Job
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

**Experienced Full Stack Social Media Customer Support Specialist – Remote Work Opportunity at arenaflex**

Remote

**Experienced Customer Service Specialist – Delivering Exceptional Arenaflex Customer Experiences**

Remote

Senior Human Resources Business Partner, Digital Technology – CES, Enterprise and DT FLIGHT DECK

Remote

Experienced Remote Chat Support Agent – Work from Phone (No Experience Required) – careerzynith

Remote

Experienced Remote Amazon Employment Opportunities - Telework Jobs in Customer Service, Data Analysis, Software Engineering, Digital Marketing, and Supply Chain Management

Remote

Sr. Research Analyst, Executive Search

Remote

Microsoft Alliance Leader

Remote

Remote Long‑Term Guest Art Teacher – Creative Classroom Leadership for K‑12 Students (20+ Days)

Remote

**Experienced Part-Time Remote Data Entry Associate – Flexible Work Schedule at Hirezen**

Remote

Healthcare Recruiter- South Carolina

Remote
← Back