Cyber Security Analyst (Tier 2)
CyberSheath Services International LLC is a rapidly growing Security and IT Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add a Cyber Security Analyst to our Security Operations team! CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and, in fact, may weaken an organization’s security posture. Our professionals tell clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security. Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Additionally, our most successful people are self-starters and willing to put on many hats in order to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory. Job Overview The Cyber Security Analyst (Tier 2) is responsible for advanced security incident triage, investigation, and response across Microsoft 365, Azure, and on-premises infrastructure. Serves as the escalation point for complex security incidents while implementing containment and remediation procedures in hybrid environments.Key ResponsibilitiesInvestigate and respond to escalated security incidents across Microsoft cloud and on-premises environmentsPerform advanced incident analysis using Microsoft Defender suite and Azure SentinelConduct security assessment of Azure/Microsoft 365 configurations and implement hardening recommendationsAnalyze and respond to advanced Active Directory attacks (Kerberoasting, Pass-the-Hash, Golden Ticket)Monitor and investigate Exchange Server logs, email flow patterns, and phishing campaignsAnalyze federation security including ADFS token-based attacks and SAML token manipulationConfigure and tune WAF/firewall rule sets and investigate related security incidentsDevelop network segmentation strategies and identify lateral movement attemptsDevelop and maintain incident response playbooks for various attack scenariosCoordinate incident response activities with cross-functional teamsRequired Qualifications3-5 years in cybersecurity with 2+ years SOC experienceDeep knowledge of hybrid Microsoft environments (Microsoft 365, Azure, on-premises AD)Experience with SIEM platforms and security monitoring toolsScripting proficiency (PowerShell, Python)Strong analytical and communication skillsMicrosoft Certified: Security Operations Analyst (SC-200)One additional security certification: EC-Council CSA, CompTIA Security+, or similarPreferred QualificationsMicrosoft Certified: Azure Security Engineer (AZ-500)Microsoft Certified: Identity and Access Administrator (SC-300)CrowdStrike Certified Falcon Responder (CCFR) or equivalent EDR certificationCISSP, SSCP, CCSPSkills ExpertiseStrong Proficiency with Microsoft Defender suite (Endpoint, Office 365, Identity, Cloud Apps)Azure Sentinel KQL query development and alert configurationAzure AD/Entra ID security configuration and attack path analysisActive Directory security assessment including GPOs, trust relationships, and delegationEmail security and phishing detection/responseCloud security posture managementIncident handling and digital forensicsThreat intelligence analysis and implementationWork Environment CyberSheath is a fully remote organization, and this will be a work-from-home position Travel requirements: 0-5% yearly.CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability.Budgeted Pay Range$70,000$100,000 USDOriginally posted on Himalayas
Apply Now
Apply Now