Job Description
Job Title: Cyber Data Analyst
Role Overview
The Cyber Data Analyst is responsible for analyzing, correlating, and interpreting large volumes of cybersecurity data to identify threats, anomalies, operational risks, and trends across the enterprise. This role supports security operations, threat hunting, risk management, and leadership reporting by transforming raw security telemetry into actionable insights. The ideal candidate has strong analytical skills, hands-on experience with security telemetry and cyber tools, and the ability to work closely with SOC, engineering, and analytics teams in a governed, highly secure environment.
Key Responsibilities
Cybersecurity Data Analysis & Threat Detection
• Analyze logs, alerts, and telemetry from cybersecurity platforms including:
o SIEM, EDR, NDR
o CASB, IAM, and identity systems
o Cloud security and vulnerability management tools
• Identify anomalies, trends, and emerging cyber risks through structured and exploratory analysis.
• Support incident investigation, threat hunting, and risk assessments by providing timely and accurate analytical insights.
Event Correlation & Investigations
• Correlate events across multiple security and enterprise data sources to reconstruct attack paths and investigate suspicious activity.
• Assist security teams in prioritizing alerts and incidents based on risk, impact, and observed patterns.
• Provide analytical support during incidents, root cause analysis, and post-incident reviews.
Behavioral & Baseline Analytics
• Conduct baseline and behavioral analytics to detect deviations from normal system, user, and network activity.
• Identify potential insider threats, compromised accounts, misconfigurations, and policy violations.
• Continuously refine baselines to adapt to evolving enterprise and threat landscapes.
Data Ingestion, Normalization & Enrichment
• Ingest, cleanse, normalize, and enrich cybersecurity data from diverse platforms and formats.
• Standardize fields, timestamps, entities, and identifiers to enable consistent cross-source analysis.
• Enrich data using internal and external context such as asset criticality, user roles, business ownership, and threat intelligence.
Data Modeling & Reference Management
• Build and maintain data models, lookup tables, and reference mappings, including:
o Assets and infrastructure inventories
o Users, identities, and access relationships
o Applications, environments, and business units
• Ensure reference data remains accurate, current, and aligned with enterprise governance standards.
Metrics, KPIs & Reporting
• Define, calculate, and maintain cybersecurity metrics and KPIs, including but not limited to:
o Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)
o Alert volumes and false positive rates
o Vulnerability exposure and remediation trends
o Endpoint and control coverage
o Detection and logging health
• Support dashboards and reporting consumed by SOC leaders, risk teams, and executives.
Risk Identification & Insight Generation
• Identify critical cyber risks such as:
o Recurring or high-impact vulnerabilities
o Compromised or over-privileged accounts
o Behavioral anomalies and lateral movement
o Gaps in visibility, detection, or attack surface coverage
• Translate analytical findings into clear narratives and recommendations for security stakeholders.
Required Qualifications
• Bachelor’s degree in Cybersecurity, Information Systems, Data Analytics, Computer Science, or a related field.
• 4+ years of experience in cybersecurity analytics, SOC analysis, or data analysis roles supporting security teams.
• Strong experience working with security telemetry, logs, and alerting data.
• Proficiency in SQL and experience querying large datasets.
• Strong understanding of cybersecurity concepts, threats, and attack techniques.
• Ability to communicate analysis and findings clearly to technical and non-technical audiences.
Cybersecurity Domain Experience (Essential)
• Experience with tools such as SIEM, EDR, IAM, vulnerability scanners, or cloud security platforms.
• Familiarity with incident response, threat hunting, and detection engineering workflows.
• Understanding of common attack frameworks such as MITRE ATT&CK.
• Experience working in regulated or enterprise security environments.
Preferred / Nice-to-Have Qualifications
• Familiarity with cloud platforms and cloud security telemetry.
• Experience with Python or scripting for data analysis and automation.
• Exposure to BI or visualization tools (Power BI, Tableau, QuickSight).
• Experience supporting SOC operations or cyber risk reporting.
• Certifications such as Security+, GSOC, GCIA, or similar.