Monitor security alerts and logs from security tools (SIEM, EDR, cloud security platforms)
Triage, investigate, and escalate security events and incidents
Assist with incident response activities, evidence collection, and post-incident reviews
Support vulnerability management activities, including scan reviews and remediation tracking
Help maintain detection rules, alerts, and operational runbooks
Manage user lifecycle processes (onboarding, offboarding, role changes)
Administer identity platforms (e.g., Google Workspace, cloud IAM, SSO providers)
Enforce least-privilege access and role-based access controls
Review and certify user access on a recurring basis
Assist with MFA enforcement and access exception tracking
Support endpoint management activities (macOS, Windows, mobile devices)
Assist with endpoint security tooling (EDR, MDM, disk encryption, patching)

Requirements

2–4 years of experience in information security, IT operations, or a related role
Hands-on experience with IAM concepts (SSO, MFA, RBAC, least privilege)
Familiarity with security operations concepts (SIEM, EDR, alert triage)
Basic understanding of cloud platforms (GCP, AWS, or Azure)
Experience supporting macOS and/or Windows endpoints

Benefits

Paid time off
Professional development opportunities
Health insurance
Retirement plans

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

incident responsevulnerability managementendpoint managementsecurity event triageevidence collectiondetection rules maintenanceuser access certificationMFA enforcementdisk encryptionpatching

Soft Skills

investigationescalationsupportadministrationenforcement