Cybersecurity Analyst

About The Weather Company:

The Weather Company is the world’s leading weather provider, helping people and businesses make more informed decisions and take action in the face of weather. Together with advanced technology and AI, The Weather Company’s high-volume weather data, insights, advertising, and media solutions across the open web help people, businesses, and brands around the world prepare for and harness the power of weather in a scalable, privacy-forward way. The world’s most accurate forecaster globally, the company reaches hundreds of enterprise clients and more than 360 million monthly active users via its digital properties from The Weather Channel (weather.com) and Weather Underground (wunderground.com).

Job brief:

As a Cybersecurity Analyst, you will play a critical role in protecting our systems, data, and cloud environments from evolving cyber threats. You will drive incident response efforts, proactively hunt for emerging threats, and help shape and implement security controls across the organization. This role requires both advanced technical expertise and the ability to collaborate with cross-functional teams.

The impact you'll make:

• Identify security issues and risks associated with security events and manage the incident response process.
• Monitor public threat and vulnerability disclosure sources to assess organizational impact and collaborate with IT teams to prioritize and validate patching efforts.
• Perform periodic assessments of the cloud environment and implement initiatives to keep pace with the threat landscape.
• Design SOAR automation workflows to streamline repetitive tasks.
• Develop cybersecurity solutions to enhance the overall security posture across on-premises and cloud environments.
• Advocate for "shift-left" practices within the SDLC, championing secure development standards and supporting automated application security tooling integration.
• Maintain incident response playbooks and create technical documentation that remains accessible to relevant stakeholders.
• Other duties as assigned.

What you've accomplished:

• Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, Computer Information Systems, Electrical Engineering or related field; or commensurate experience.
• 3+ years of experience in cybersecurity and information security domains.
• Security-relevant industry certifications from vendors such as CompTIA (e.g., Security+, CySA+), (ISC)² CISSP, or GIAC (e.g., GCIH, GCIA, GPEN).
• Proficiency in enterprise intrusion analysis, log evaluation/correlation, and incident response.
• Solid understanding of Windows and Linux operating systems, command-line tools, and network architecture placement.
• Familiarity with routing, switching, and core protocols, including TCP/IP, DNS, SSH, and HTTPS.
• Experience operating vulnerability scanning solutions (e.g., Tenable, Qualys, Rapid7 InsightVM) and evaluating system patch levels.
• Experience administering and designing custom detection logic for SIEM solutions (e.g., Splunk, Sumo Logic) to align with emerging threats and industry frameworks like MITRE ATT&CK.
• Experience working with security tool APIs to automate data ingestion or response actions.
• Experience administering endpoint security solutions (e.g., CrowdStrike, SentinelOne) and application security tooling (e.g., Veracode, Checkmarx, Snyk).
• Experience administering enterprise proxy or SWG solutions (e.g., Zscaler, Netskope).
• Knowledge of IT controls and industry best practices (NIST, ISO, CIS) within regulated environments (PCI, SOX, HIPAA, COPPA).
• Experience with data protection, disaster recovery, business continuity, and the implementation of remediation strategies.
• Ability to design documentation that describes complex technical details to both technical and non-technical audiences.

• Penetration Testing experience is a plus
• Experience with cloud incident response, security controls, and IAM is a plus (e.g., AWS, GCP, Azure)
• Experience working with N-Tier architecture
• Bash, PowerShell, and Python scripting
• Infrastructure-as-Code (e.g., Terraform, Puppet) experience is a plus.
• Certifications from vendors such as Cisco, McAfee, Microsoft, Oracle, Red Hat, Symantec, or VMware