Cyber Security Analyst

CyberSheath Services International LLC is a rapidly growing Security and IT Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add a Cyber Security Analyst to our Security Operations team! 

CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don't improve and, in fact, may weaken an organization's security posture. Our professionals tell clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security.  

Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Additionally, our most successful people are self-starters and willing to put on many hats in order to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory. 

Job Overview 

The Cyber Security Analyst will support proactive monitoring of client's environments to detect, analyze, track, and mitigate external threats utilizing a multi-tenant security information and event management system (SIEM) and other tools used to provide managed security services. The successful candidate is well versed in numerous security technologies, understands the motivations and capabilities of Advanced Persistent Threat actors, and can communicate risks and make recommendations associated with specific network threats. This role will support the IT and Security Managed Services teams and as well as being a point of contact for security matters. 

Essential Responsibilities (include but are not limited to): 

• Analyze, respond, document and report on potential security incidents identified in customer environments 
• Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets 
• Serve as an incident coordinator for security events that require urgent response, containment, and remediation 
• Develop and maintain Security tooling playbooks/runbooks 
• Continuously review and optimize existing technical processes, configurations, rulesets, technologies. 
• Provide analysis on various security enforcement technologies, including, but not limited to,  SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners, etc. 
• Actively research current threats and attack vectors being exploited in the wild 
• Actively work with associate analysts and perform investigations on escalations 
• Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach 
  
  

Required Education, Experience, & Skills 

• Minimum of 3 years' experience in Threat Analysis and Threat Intelligence. 
• At least 2 years' experience working in a SOC
• First-hand working experience with industry-leading SIEM/SOAR tooling/providers 
• Prior experience with Sumo Logic, Google Chronicle, and Azure Sentinel is a strong plus. 
• Advanced understanding of query languages 
• Working Kusto (KQL) knowledge is a plus. 
• Networking experience (TCP/IP, Routing, RFC 1918, VPN/Zero-Trust Networking) 
• Strong experience with Office 365 / Entra ID Ecosystems. 
• GCC-High Experience is a plus. 
• Possesses strong troubleshooting, problem-solving, and verbal/written communication skills 
• Excellent communication skills to communicate with support personnel, customers, and managers 
• Demonstrated ability to work in a team environment 
• Must be a U.S. Citizen and reside within the United States or its Territories 
  
  

Preferred Education, Experience, & Skills 

• Microsoft Cloud and Security Certifications (i.e., AZ900, AZ104, SC200, SC300) 
• Industry Security Certifications (CISM, CISSP, CEH, Sec+) 
• Experience working in a fast-paced managed services environment (MSSP)  
• Great organizational skills to balance and prioritize work and multitask 
• Great analytical and problem-solving skills to troubleshoot system problems 
• Ability to work independently and remotely as part of a team 
  
  

Work Environment 

• CyberSheath is a fully remote organization, and this will be a work-from-home position.
• Travel requirements: 0-5% yearly. 
• Please note that this role is slated to work overnights: 

• Week 1 - Monday - Thursday 8pm-8am local time

• Week 2 - Tuesday - Thursday 8pm-8am local time 
  

CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability. 

Budgeted Pay Range

$70,000—$85,000 USD