Job Description

The Cybersecurity Analyst is responsible for monitoring, documenting, and supporting the cybersecurity posture of client's IT and OT environments. This role focuses on reviewing and analyzing security alerts, identifying vulnerabilities, maintaining cybersecurity configurations, and escalating potential threats or incidents to senior team members. The analyst leverages data from multiple cyber defense tools (e.g., SIEM, IDS/IPS, firewalls, network traffic logs) to detect, analyze, and mitigate cybersecurity threats across corporate and operational technology networks.

Essential Duties & Responsibilities

• Monitor, detect, identify, and alert on potential cyberattacks, intrusions, anomalous activity, and misuse events
• Analyze alerts and logs to distinguish malicious activity from normal system behavior
• Support protection of corporate and operational networks through continuous monitoring and analysis
• Analyze logs, packets, and security messages from various systems and applications
• Identify cyber threat tactics, techniques, and methods (TTPs)
• Identify, document, and help remediate gaps in the organization’s cybersecurity posture
• Test systems for vulnerabilities and support vulnerability management initiatives
• Document and escalate incidents in accordance with established procedures
• Respond to urgent cybersecurity events and incidents, including after-hours support as needed
• Review incidents to determine root cause and operational impact
• Monitor external threats and hostile content directed toward organizational or partner interests
• Recommend procedural improvements to support strong cyber hygiene
• Prepare threat briefings, situational updates, and threat activity reports
• Track and report on adversarial activity across enterprise environments

Environment & Technical Focus

• Corporate IT network supporting internet access, routing, security policies, and user access
• Operational Technology (OT) environments supporting building systems such as:
• HVAC, lighting, and electrical systems
• Access control and CCTV
• Building automation and scheduling systems
• Medium-sized, distributed campus environment with fiber-optic infrastructure
• Multiple building environments, each operating as an isolated network within a single domain
• Exposure to log collection, remote troubleshooting, and system monitoring across both IT and OT systems

Education & Required Experience

• Associate’s or Bachelor’s degree in business, technology, or a related field preferred
• 3–5 years of experience in IT security or cybersecurity
• Experience with SIEM platforms, IDS, and IPS technologies
• Experience working with logs, network packets, and security event data
• Basic scripting skills (Python, PowerShell, Bash)
• Experience with vulnerability management and testing
• Experience with network packet analysis
• Experience with log analysis and log management
• Experience with cloud security management interfaces
• Experience with enterprise authentication systems (e.g., Active Directory, IAM platforms)
• Incident handling and response experience preferred

Working knowledge of:

• Core cybersecurity concepts (CIA triad, encryption, risk management)
• Networking protocols and traffic flow
• Cybersecurity threats, vulnerabilities, and threat hunting
• Cybersecurity laws and regulations
• Familiarity with security frameworks such as NIST and MITRE ATT&CK preferred
• Understanding of differences between IT and OT network environments
• Experience working on project teams; project management exposure preferred
• Intermediate understanding of threat intelligence research and methodologies
• Familiarity with adversarial TTPs

Job Tags

Similar Jobs