Cybersecurity Analyst

SUMMARY

The Cybersecurity Analyst is a frontline operational role responsible for monitoring, investigating, and responding to security alerts and incidents across the organization’s security tool stack, with a primary focus on Cisco Secure Workload, Cisco Secure Endpoint, and Cisco Umbrella.

This position is centered on alert triage, investigation, and execution of incident response activities, leveraging established detections, playbooks, and procedures to identify threats, assess impact, and drive timely remediation. Analysts work closely with Cybersecurity Engineers, who maintain and evolve the underlying platforms, to ensure alerts are accurately interpreted and appropriately handled.

The Cybersecurity Analyst plays a critical role in day-to-day security operations by correlating events across multiple tools, escalating complex issues when required, and providing feedback to engineering teams to continuously improve detection quality and response effectiveness.

JOB RESPONSIBILITIES

• Monitor, analyze, and respond to security events and incidents utilizing Cisco Secure Workload, Cisco Secure Endpoint, and Cisco Umbrella.
  
• Conduct thorough investigations of security alerts to identify root causes, assess impact, and coordinate effective remediation
  
• Leverage Cisco Secure Workload (CSW), Cisco Secure Endpoint (CSE), and Cisco Umbrella to enforce network, endpoint, and DNS-layer security controls and mitigate threats
  
• Perform detailed investigation of security alerts, correlate events across multiple sources, and drive timely incident response.
  
• Collaborate with cross-functional teams (IT, Network, and Application owners) to identify and remediate security risks and vulnerabilities.
  
• Develop and maintain incident response documentation, procedures, and runbooks.
  
• Contribute to the continuous improvement of security monitoring, detection, and response capabilities.
  
• Stay abreast of evolving cyber threats, tactics, techniques, and procedures (TTPs), and emerging industry trends
  
  

QUALIFICATIONS

• Bachelor’s degree in Computer sScience, Information Technology, Cybersecurity, or a related field (or equivalent experience).
  
• Minimum of 5+ years of hands-on experience in cybersecurity operations, preferably within a Security Operations Center (SOC).
  
• Demonstrated expertise with Cisco security technologies, specifically:
  
• Cisco Secure Workload (CSW)
  
• Cisco Secure Endpoint (CSE)
  
• Cisco Umbrella
  
• Strong knowledge of endpoint security, workload security, network security, and threat detection methodologies.
  
• Solid understanding of networking protocols, DNS, and security architecture principles.
  
  

Preferred Qualifications

• Experience with CrowdStrike Falcon platform for endpoint detection and response.
  
• Proficiency in ServiceNow (SNOW) for incident, problem, and change management.
  
• Relevant industry certifications such as CyberOps, Security+, CySA+, GCIH, CCNA or equivalent.
  
• Experience integrating security tools with SIEM platforms and ticketing systems.
  
  

JOB REQUIREMENTS

• Should be willing to accept a long-term work-from-home arrangement.
  
• Should be amenable to a permanent night shift schedule.