CyberSheath

Cyber Security Analyst, Tier 2

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇺🇸 United States


Salary

💰 $70,000 - $100,000 per year

Job Level

Mid-Level, Senior

Tech Stack

Azure, Cloud, Cyber Security, Python

About the role

  • Investigate and respond to escalated security incidents across Microsoft cloud and on-premises environments
  • Perform advanced incident analysis using Microsoft Defender suite and Azure Sentinel
  • Conduct security assessment of Azure/Microsoft 365 configurations and implement hardening recommendations
  • Analyze and respond to advanced Active Directory attacks (Kerberoasting, Pass-the-Hash, Golden Ticket)
  • Monitor and investigate Exchange Server logs, email flow patterns, and phishing campaigns
  • Analyze federation security including ADFS token-based attacks and SAML token manipulation
  • Configure and tune WAF/firewall rule sets and investigate related security incidents
  • Develop network segmentation strategies and identify lateral movement attempts
  • Develop and maintain incident response playbooks for various attack scenarios
  • Coordinate incident response activities with cross-functional teams

Requirements

  • 3-5 years in cybersecurity with 2+ years SOC experience
  • Deep knowledge of hybrid Microsoft environments (Microsoft 365, Azure, on-premises AD)
  • Experience with SIEM platforms and security monitoring tools
  • Scripting proficiency (PowerShell, Python)
  • Strong analytical and communication skills
  • Microsoft Certified: Security Operations Analyst (SC-200)
  • One additional security certification: EC-Council CSA, CompTIA Security+, or similar
  • Preferred: Microsoft Certified: Azure Security Engineer (AZ-500)
  • Preferred: Microsoft Certified: Identity and Access Administrator (SC-300)
  • Preferred: CrowdStrike Certified Falcon Responder (CCFR) or equivalent EDR certification
  • Preferred: CISSP, SSCP, CCSP
  • Skills & Expertise: Microsoft Defender suite, Azure Sentinel KQL, Azure AD/Entra ID security, Active Directory security assessment, Email security, Cloud security posture management, Incident handling and digital forensics, Threat intelligence analysis

Benefits

  • Fully remote (work-from-home)
  • Travel requirements: 0-5% yearly

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Microsoft Defender suite, Azure Sentinel, PowerShell, Python, Active Directory, WAF/firewall configuration, Incident response, Network segmentation, Security assessment, Threat intelligence analysis
Soft skills
analytical skills, communication skills
Certifications
Microsoft Certified: Security Operations Analyst (SC-200), EC-Council CSA, CompTIA Security+, Microsoft Certified: Azure Security Engineer (AZ-500), Microsoft Certified: Identity and Access Administrator (SC-300), CrowdStrike Certified Falcon Responder (CCFR), CISSP, SSCP, CCSP