Brooksource is working with a large enterprise organization focused on protecting critical infrastructure through innovative operations. The Cyber Security Analyst role involves day-to-day security monitoring, investigation, and incident response within an enterprise environment, collaborating with internal teams and an external SOC provider to enhance security measures.
Responsibilities:
- Monitor and investigate security alerts and incidents across enterprise systems
- Partner with an external SOC provider to triage alerts and respond to escalations
- Perform initial incident analysis, containment actions, and detailed documentation
- Escalate and coordinate response efforts for high‑severity incidents
- Administer and operate core security tools, including:
  - Rapid7 (vulnerability management)
  - SentinelOne (endpoint detection and response)
  - Abnormal Security (email threat protection)
- Review security alerts, tune detection rules, and continuously improve alert quality
- Review, prioritize, and track vulnerabilities identified through scanning tools
- Partner with infrastructure teams to support remediation and mitigation efforts
- Track and report on security incidents, trends, and performance metrics (MTTD, MTTR)
- Maintain thorough documentation of incidents, response actions, and lessons learned
- Contribute to regular cybersecurity reporting and metrics for leadership
- Support the development and refinement of:
  - Incident response playbooks
  - Standard operating procedures for common threat scenarios
- Participate in tabletop exercises and incident simulations
- Collaborate closely with:
  - Infrastructure teams (endpoint, server, network)
  - Cybersecurity engineering leadership
  - External SOC partners
Requirements:
- 2–3 years of experience in cybersecurity, IT security, or a related field
- Hands‑on experience with one or more of the following: Rapid7, SentinelOne, Abnormal Security
- Experience with:
  - Security incident investigation and response
  - Vulnerability management processes
  - Log analysis and alert triage
- Experience working with a SOC or MDR provider
- Familiarity with SIEM platforms (e.g., Splunk, Microsoft Sentinel)
- Understanding of common attack vectors (phishing, ransomware, credential compromise)
- Security certifications such as Security+, CySA+, or similar are a plus