Job Summary
The ideal candidate will possess mastery-level knowledge of cybersecurity alert triage and incident response aligned with NIST guidelines, and be well-versed in threat detection techniques based on the MITRE ATT&CK framework. This role requires hands-on expertise in managing enterprise security platforms, owning the vulnerability management lifecycle, and leading email security operations.
The successful candidate will lead security event response and act as a subject matter expert for the broader team. They will provide mentorship to junior staff and serve as a critical resource in securing enterprise IT and cloud environments.
Key Responsibilities
* Implement and maintain cybersecurity tools and platforms across the enterprise, including extended endpoint detection and response (XDR), email security systems, and cloud security solutions.
* Lead and manage the enterprise Vulnerability Management Program, coordinating with infrastructure and application teams to drive timely remediation.
* Monitor and analyze cybersecurity alerts; lead response activities and investigations following the NIST SP 800-61 incident response lifecycle.
* Develop and maintain correlation rules to improve threat detection, reduce false positives, and ensure timely alerting to Tier 1 analysts.
* Own the email security ecosystem, including administration of tools and enforcement of DMARC policies.
* Administer and maintain the enterprise email security gateway, ensuring secure, timely, and reliable delivery of all inbound and outbound email communications.
* Perform advanced threat hunting and cyber risk mitigation using IOCs (Indicators of Compromise), BIOCs (Behavioral Indicators of Compromise), and known TTPs (Tactics, Techniques, and Procedures).
* Develop and maintain PowerShell scripts to automate routine tasks, streamline security
* Strong experience with Windows Server and Desktop OS, Office 365, and Microsoft Azure.
* Proven expertise managing endpoint detection & response (EDR/XDR) platforms.
* Experience building SIEM correlation rules and detection content.
* In-depth knowledge of email security technologies, SPF, DKIM, DMARC, and general email infrastructure.
* Strong understanding of vulnerability scanning tools and coordinating remediation activities.
* Exposure to scripting (e.g., PowerShell, Python) to automate tasks and improve detection capabilities.
* Familiarity with Zero Trust architecture and cloud security posture management.
* Knowledge of Operational Technology (OT) security concepts and architectures, including familiarity with the Purdue Model.