Cybersecurity Analyst

This is a full-time opportunity with an MSSP local to the Phoenix area that specializes in cybersecurity consulting, network forensics, and incident response for external clients. They provide advanced managed detection response services, leveraging a mix of proprietary and open-source tools, along with leading EDR platforms such as CrowdStrike, SentinelOne, and Sophos.
What makes this role exciting is the impact and autonomy you'll have working directly with multiple clients as a trusted security advisor. You'll be hunting threats, analyzing network traffic, and helping clients strengthen their defenses against real world attacks. This is not a traditional SOC role, you'll be diving deep into complex, hands on investigations and working in black box environments.

Required Skills & Experience

• 3+ years of experience in cyber incident response, ideally handling complex cases such as ransomware across multiple external environments
• 3+ years of proactive threat hunting experience within network traffic and EDR tools (CrowdStrike, SentinelOne, FireEye, Sophos, etc.)
• Strong understanding of network forensics, packet capture, and log analysis outside of SIEM platforms
• Hands-on experience working in black box environments, identifying and remediating threats with limited visibility
• Familiarity with scripting or automation tools such as Python or PowerShell
• Strong communication skills and client-facing experience, including presenting findings and collaborating with technical and non-technical stakeholders
• Deep technical understanding of Windows and/or Linux systems, networks, and firewalls
• Ability to work independently and prioritize multiple client environments while maintaining attention to detail
• Must be authorized to work in the U.S. now and in the future (no sponsorship available)

Desired Skills & Experience

• Background in systems or network administration (Windows, Linux, and/or networking)
• Experience working within Managed Detection & Response (MDR) or Managed Security Service Provider (MSSP) environment
• Familiarity with open-source security and forensic tools
• Exposure to IDS/IPS and packet capture technologies
• Knowledge of threat intelligence platforms and how to operationalize findings
• Experience with automation or orchestration using SOAR platforms
• Strong understanding of business continuity and how cybersecurity aligns with overall business risk
• Home lab or personal security projects demonstrating a passion for cybersecurity and continual learning
• Relevant security certifications (e.g., SANS GIAC, GCIH, GCFA, CEH, OSCP, or equivalent)

What You Will Be Doing
Tech Breakdown

• 35% Network Forensics / Packet Capture
• 25% Endpoint Detection & Response (CrowdStrike, SentinelOne, FireEye, Sophos, etc.)
• 15% Scripting & Automation (Python, PowerShell)
• 10% Threat Intelligence & Hunting
• 10% Windows / Linux Administration
• 5% Security Orchestration (SOAR) & Open-Source Tools

Daily Responsibilities

• 70% Hands-On Threat Hunting, Forensics, and Incident Response
• 15% Client Communication, Reporting, and Consulting
• 10% Team Collaboration and Knowledge Sharing
• 5% Process Improvement, Automation, and Tool Development

The Offer

• Bonus OR Commission eligible

You will receive the following benefits:

• Medical, Dental, and Vision Insurance
• Vacation Time
• Stock Options

Applicants must be currently authorized to work in the US on a full-time basis now and in the future.