Security Analyst - Cybersecurity Expertise

- Investigate and document detected cyber incidents by applying basic knowledge and independently adhering to established procedures; escalate complicated cases to senior team members for advice. - Oversee system cybersecurity operations by conducting routine checks independently and escalating important issues as necessary. - Conduct initial cyber incident analysis, applying critical thinking to assess scope and urgency, and escalate intricate incidents for further review. - Identify and record vulnerabilities using designated tools and checklists, applying some judgment in reporting outcomes and escalating non-standard issues. - Gather data using computer network defense tools (like IDS alerts, firewall logs, and host system logs), performing routine analyses independently and escalating complex patterns to senior staff. - Record incident activities by filling out standard forms and logs autonomously, ensuring accuracy and escalating any discrepancies for supervisor review. - Assist in root cause analysis by compiling information and applying fundamental analytical skills; escalate more complex investigations to senior analysts. - Stay up to date on cybersecurity threats and best practices through ongoing training and team briefings and begin to share insights that may enhance team processes. - Maintain the Microsoft Security stack by executing assigned tasks independently, escalating advanced issues, and suggesting minor process enhancements when warranted. - Support identity and access management (IAM) tasks by carrying out predefined steps autonomously and escalating complex or unusual matters. - React to active attacks in cloud and on-premises setups by following established instructions, using judgment within guidelines, and escalating complex situations. - Provide input on threat protection practices by sharing observations and basic analyses, aiding team efficiency, and contributing to process advancements. - Report suspected breaches of organizational policies independently, escalating cases that need further examination. - Assist with risk mitigation initiatives by executing exposure management tasks independently, escalating complex risks, and proposing enhancements to routine processes. - Take part in the formulation of enterprise-wide security architectures and standards by attending meetings, documenting discussions, and contributing suggestions for process enhancements. - Assist in baseline and risk assessments by collecting data and completing checklists independently, escalating complex findings. - Offer basic cybersecurity consultation and participate in enterprise-wide health checks as a team member, applying foundational knowledge and escalating intricate inquiries. - Research assigned cybersecurity threats, employing critical thinking to compile information and escalate complex incidents. - Help maintain the enterprise cybersecurity risk register by inputting data independently and escalating unusual entries. - Assist in cybersecurity investigations and forensic efforts by performing data collection and documentation independently, escalating complex cases. - Aid in the management of intrusion prevention systems and help define endpoint protection policies by completing routine tasks, exercising judgment within guidelines, and suggesting improvements. - Analyze advanced threat detection (ATD) alerts by adhering to established rules, exercising judgment, and escalating unusual or complex alerts. - Provide basic guidance and support to staff on cybersecurity issues, applying foundational knowledge and escalating intricate questions to senior analysts. - Engage in training sessions and stay informed on cybersecurity and communication technologies, supporting team efficiency and sharing insights for process enhancements.