Cyber Security Analyst

CyberSheath Services International LLC is a rapidly growing Security and IT Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add a Cyber Security Analyst to our Security Operations team! 

CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and, in fact, may weaken an organization’s security posture. Our professionals tell clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security.  

Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Additionally, our most successful people are self-starters and willing to put on many hats in order to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory. 

Job Overview 

The Cyber Security Analyst will support proactive monitoring of client’s environments to detect, analyze, track, and mitigate external threats utilizing a multi-tenant security information and event management system (SIEM) and other tools used to provide managed security services. The successful candidate is well versed in numerous security technologies, understands the motivations and capabilities of Advanced Persistent Threat actors, and can communicate risks and make recommendations associated with specific network threats. This role will support the IT and Security Managed Services teams and as well as being a point of contact for security matters. 

Essential Responsibilities (include but are not limited to): 

• Analyze, respond, document and report on potential security incidents identified in customer environments 

• Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets 

• Serve as an incident coordinator for security events that require urgent response, containment, and remediation 

• Develop and maintain Security tooling playbooks/runbooks 

• Continuously review and optimize existing technical processes, configurations, rulesets, technologies. 

• Provide analysis on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc. 

• Actively research current threats and attack vectors being exploited in the wild 

• Actively work with associate analysts and perform investigations on escalations 

• Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach 

Required Education, Experience, & Skills 

• Minimum of 3 years’ experience in Threat Analysis and Threat intelligence. 

• At least 2 years' experience working in a SOC

• First-hand working experience with industry leading SIEM/SOAR tooling/providers 

• Prior experience with Sumo Logic, Google Chronicle, Azure Sentinel is a strong plus. 

• Advanced understanding of query languages 

• Working Kusto (KQL) knowledge is a plus. 

• Networking experience (TCP/IP, Routing, RFC 1918, VPN/Zero-Trust Networking) 

• Strong experience with Office 365 / Entra ID Ecosystems. 

• GCC-High Experience is a plus. 

• Possess strong troubleshooting, problem-solving, and verbal/written communication skills 

• Excellent communication skills to communicate with support personnel, customers, and managers 

• Demonstrated ability to work in a team environment 

• Must be a U.S. Citizen and reside within the United States or its Territories 

Preferred Education, Experience, & Skills 

• Microsoft Cloud and Security Certifications (i.e. – AZ900, AZ104, SC200, SC300) 

• Industry Security Certifications (CISM, CISSP, CEH, Sec+) 

• Experience working in a fast-paced managed services environment (MSSP)  

• Great organization skills to balance and prioritize work and multitask 

• Great analytical and problem-solving skills to troubleshoot systems problems 

• Ability to work independently and remotely as part of a team 

Work Environment 

• CyberSheath is a fully remote organization, and this will be a work-from-home position  

• Travel requirements: 0-5% yearly. 

• Please note that this role is slated to work overnights: 

  • Week 1 - Monday - Thursday 8pm-8am local time
  • Week 2 - Tuesday - Thursday 8pm-8am local time 

   

CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability.