Respond to and investigate security alerts, events, and incidents in a timely manner
Triage alerts and determine severity, scope, and potential impact
Analyze activity across tools such as CrowdStrike, Microsoft Defender for O365, Zscaler, and Abnormal
Support containment, remediation, and recovery actions during incidents
Document findings, actions, and decisions in the ITSM platform and track incidents through closure
Work with internal teams (Cloud, DevOps, Infrastructure, Client Services, AppSec) to investigate issues and execute containment and remediation actions
Correlate data across multiple systems to validate threats and reduce false positives
Identify gaps and contribute to improvements in detection, alerting, and response processes

Bachelor’s degree in Computer Science, Information Technology, or equivalent experience is preferred
4+ years of experience in cybersecurity or information security, including at least 2 years in incident response or security investigations
Hands-on experience analyzing and responding to security events, including log analysis, research, and coordinating across multiple tools and teams
Experience with endpoint detection and response tools (e.g., CrowdStrike) and SIEM platforms
Experience investigating alerts across endpoint, identity, email, or network environments
Familiarity with tools such as Microsoft Defender for O365, Zscaler, or similar platforms
Experience working in cloud environments (AWS, Azure, or similar)
Strong analytical, problem-solving, and communication skills, with the ability to manage multiple tasks

Cyber Security Analyst

Key skills