Blackpoint Cyber

Cloud MDR Analyst, SkillBridge Intern

Remote Cloud MDR Analyst role monitoring and responding to threats targeting cloud environments. Work with seasoned MDR analysts to neutralize adversaries.

Posted 4/24/2026 • Internship • Remote • 🇺🇸 United States • Entry Level

Tech Stack

Tools & technologies
Azure, Cloud

About the role

Key responsibilities & impact
  • Monitor and analyze anomalous behavior across Microsoft 365, Google Workspace and Cisco Duo environments, including suspicious sign-ins, OAuth application abuse, mailbox rule manipulation, data exfiltration indicators, and identity-based attacks
  • Follow standardized Cloud Response playbooks to triage, escalate, and respond to security events across SaaS platforms, including account containment, session revocation, and admin remediation actions
  • Investigate cloud-specific attack techniques such as Business Email Compromise (BEC), adversary-in-the-middle (AiTM) phishing, OAuth consent grant abuse, and privilege escalation via misconfigured cloud permissions
  • Collaborate with Senior Analysts to research and investigate emerging cloud threat tradecraft and contribute recommendations for new detection logic targeting M365 and Google Workspace telemetry
  • Proactively identify and mitigate false positives across cloud alert pipelines by working with senior analysts to suppress noisy or low-fidelity detections
  • Collaborate with customers to review cloud security incidents and assist with detection, prevention, and mitigation strategies — including guiding clients through Microsoft Secure Score improvements and Google Workspace security posture reviews
  • Leverage cloud-native audit logs — including Microsoft Unified Audit Log, Azure AD Sign-in Logs, and Google Workspace Admin Reports — to reconstruct attacker timelines and scope incidents
  • Bring your observant and curious mindset to cloud investigations and security events!

Requirements

What you’ll need
  • Minimum of 1-2 years of experience in an information security role; progressive relevant training and/or certification may be substituted for one year of the experience requirement
  • Experience working in a SOC with cloud incident exposure preferred
  • Working knowledge of Microsoft 365 security features including Microsoft Defender for Office 365, Microsoft Defender for Identity, Microsoft Entra ID (Azure AD), Conditional Access Policies, and the Microsoft Unified Audit Log
  • Familiarity with Google Workspace security capabilities including Google Workspace Admin Console, Context-Aware Access, DLP policies, and Google Workspace Audit & Investigation Tool
  • Understanding of cloud identity attack vectors such as credential stuffing, MFA bypass techniques (AiTM, SIM-swapping), OAuth phishing, and token theft
  • Some knowledge of cloud-adjacent tradecraft including Living off the Land techniques applied to cloud environments, lateral movement via federated identity, and cloud persistence mechanisms
  • Excellent problem-solving skills, critical thinking, and analytical skills with the ability to deconstruct issues and hunt anomalous patterns in cloud telemetry
  • Excellent verbal and written communication skills to effectively summarize and present cloud incident findings to both technical and non-technical stakeholders
  • Ability to work independently or as a member of a team in a shift-based environment
  • Experience with CTF platforms or cloud security labs such as TryHackMe, PwnedLabs, or Microsoft Learn security paths is a plus.

Benefits

Comp & perks
  • Competitive Health, Vision, Dental, and Life Insurance plans
  • Robust 401k plan
  • Discretionary Time Off
  • Other minor perks

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cloud incident response, anomaly detection, data exfiltration analysis, Business Email Compromise (BEC), OAuth phishing, credential stuffing, MFA bypass techniques, cloud security analysis, threat detection logic, cloud telemetry analysis
Soft Skills
problem-solving, critical thinking, analytical skills, communication skills, collaboration, independent work, teamwork, curiosity, attention to detail, adaptability