Cybersecurity Analyst

Job Summary:

We are seeking a versatile and proactive Cybersecurity Analyst with 1–2 years of experience to support and secure our IT infrastructure. The ideal candidate will have a strong foundation in cybersecurity, system and network administration, and day-to-day IT operations.

This role requires hands-on expertise in identifying threats, managing vulnerabilities, ensuring compliance with SOC 2 standards, and promoting security awareness. The candidate will also contribute to continuously improving the organization's overall security posture.

Key Responsibilities:

• Monitor and respond to security alerts and incidents using security tools
• Perform incident detection, analysis, and response, including alert triage and investigation of security events
• Conduct vulnerability scanning, risk assessment, and coordinate patch management
• Manage and secure endpoints using AV/EDR/XDR and UEM (Unified Endpoint Management) solutions
• Perform log analysis, threat hunting, and investigate suspicious activities
• Support system administration (Windows/Linux/macOS) including configuration, hardening, and maintenance
• Manage network infrastructure, firewalls, ACLs, and network security controls
• Administer Identity and Access Management (IAM), including user provisioning/deprovisioning, RBAC, and MFA enforcement
• Manage email security, including anti-phishing measures, spam filtering, and incident handling
• Provide technical support and troubleshoot IT/security-related issues
• Administer and manage Google Workspace (user management, security settings, policies)
• Maintain IT asset inventory and ensure proper tracking and compliance
• Conduct vulnerability remediation and ensure timely patching of systems
• Support backup operations, restoration, and disaster recovery planning
• Support and maintain compliance with SOC 2 requirements (controls, evidence collection, audits)
• Perform risk identification, assessment, and mitigation activities
• Conduct cybersecurity awareness training and promote security best practices across teams
• Maintain security documentation, SOPs, policies, and incident reports
• Research and evaluate new technologies, tools, and security solutions
• Analyze emerging threats, malware trends, and vulnerabilities
• Manage and evaluate security tools and vendors where applicable
• Collaborate with cross-functional teams to improve overall security posture
• Support day-to-day IT operations ensuring systems availability and security

Qualifications:

• Bachelor's degree (4 years) in Computer Science, Information Technology, Cybersecurity, or a related field
• 1-2 years of experience in Cybersecurity / Information Security / IT Operations
• Strong knowledge of cybersecurity fundamentals (network, endpoint, IAM, system security, and infrastructure security)
• Hands-on experience with SIEM tools (e.g.,Sentinel, Wazuh, etc.)
• Experience with vulnerability management tools and patching processes
• Practical experience in system administration (Windows, Linux, macOS)
• Strong understanding of network administration (TCP/IP, DNS, DHCP, firewalls, ACLs)
• Experience with AV/EDR/XDR and UEM tools (e.g., Intune, Hexnode, etc.)
• Experience with Google Workspace administration and security configurations
• Strong understanding of IAM concepts (RBAC, MFA, access lifecycle management)
• Knowledge of email security and phishing attack handling
• Familiarity with backup solutions and disaster recovery processes
• Understanding of SOC 2 compliance requirements, controls, and audit processes
• Experience in risk assessment and mitigation practices
• Familiarity with asset/inventory management tools and processes
• Ability to analyze malware, threats, and security incidents
• Basic scripting skills (PowerShell, or Bash) are a plus
• Knowledge of security frameworks (NIST, ISO 27001, SOC 2, CIS benchmarks)
• Relevant cybersecurity certifications are a plus
• Experience in security operations, including monitoring, incident detection, and response
• Experience in implementing and maintaining security controls across IT infrastructure and Systems
• Experience supporting SOC 2 audits or similar compliance frameworks