onsite
Cyber Security Analyst - Staff4Me
Security Engineer
Mid-level analyst who investigates SOC alerts, performs deep-dive analysis across SIEM, EDR, network, identity, cloud, and email security platforms, validates events, and leads initial incident containment.
About the role
The Mid-Level Cyber Defense Analyst uses defensive measures and information collected from a variety of sources to identify, analyze, and report vulnerabilities and malicious events. This role focuses on maintaining the integrity of our internal and cloud networks by conducting deep-dive analysis of security data, recognizing operational trends, and leading initial incident containment efforts.
Responsibilities:
- Investigate security alerts escalated by SOC Level 1 analysts.
- Perform deeper analysis of suspicious activity across SIEM, EDR, network, identity, cloud, and email security platforms.
- Validate whether security events represent false positives, suspicious behavior, policy violations, or confirmed cybersecurity incidents.
- Correlate events across multiple log sources to identify attack patterns, affected assets, compromised accounts, lateral movement, malware activity, or unauthorized access.
- Determine the scope, severity, business impact, and urgency of security incidents.
- Recommend containment, eradication, and remediation actions to the appropriate technical teams.
- Create and maintain accurate incident timelines, investigation notes, evidence records, and escalation summaries.
- Support phishing investigations, endpoint compromise analysis, suspicious login reviews, malware alerts, brute-force attacks, data exfiltration indicators, and cloud security events.
- Review and improve SOC playbooks, investigation procedures, and escalation criteria.
- Provide technical guidance, coaching, and feedback to SOC Level 1 analysts.
- Identify recurring false positives and recommend tuning improvements for SIEM, EDR, and other detection platforms.
- Participate in post-incident reviews and provide recommendations to improve detection, response, and prevention.
- Support shift handovers by documenting open incidents, pending actions, and important operational context.
Requirements
- 2 to 4 years of experience in SOC operations, cybersecurity monitoring, incident response, security operations, network security, endpoint security, or infrastructure security.
- Previous experience as a SOC Analyst L1 or equivalent role.
- Experience investigating real security alerts and documenting incident findings.
- Practical knowledge of SIEM, EDR, identity logs, firewall logs, email security alerts, and endpoint events.
- Experience escalating incidents and recommending remediation actions.
- Preferred certifications: CompTIA CySA+, Blue Team Level 1 (BTL1), Blue Team Level 2 (BTL2), CompTIA Security+, CompTIA Network+, Cisco CCNA, Fortinet FCP / NSE, eCIR; Microsoft AZ-500 is a plus for cloud/security environments.
- Language: English at C1 level is required.
Originally posted on Himalayas