Cybersecurity Analyst

Job Description:

The Cybersecurity Analyst protects enterprise systems, data, and users by monitoring, detecting, investigating, and responding to security events. This exempt role exercises independent judgment to analyze complex alerts, improve defenses, and drive preventive controls, while partnering with the IT Director, Legal/Compliance, and business stakeholders to reduce risk.

This position will be considered fully remote, but travel will be required to UniTek locations as needed.

Job Responsibilities:

Support enterprise cybersecurity in a variety of concepts including:

• Threat Monitoring & Incident Response
• - Monitor SIEM and EDR tools; triage alerts, contain and eradicate threats, and perform root‑cause analysis.
• Lead incident response playbooks, coordinate post‑incident reviews, and document lessons learned.
• Vulnerability & Patch Management
• - Run regular scans, validate findings, prioritize remediation based on risk, and track closure.
• Collaborate with infrastructure/app teams to align patch windows and verify fixes.
• Identity, Access & Endpoint Security
• - Enforce MFA, least privilege, and privileged access reviews; support MDM and endpoint hardening baselines.
• Security Engineering & Hardening
• - Tune SIEM/EDR/IDS signatures, maintain logging/alerting rules, and improve detection fidelity.
• Support firewall, proxy, email security, and zero‑trust policy updates.
• Governance, Risk & Compliance
• - Map controls to frameworks (e.g., NIST CSF/800‑53, CIS), help with audits, and maintain security policies/standards.
• Contribute to third‑party risk assessments and vendor security due diligence.
• Awareness & Training
• - Provide targeted user training and phishing simulations; publish tips and KB articles.
• Documentation & Metrics
• - Maintain IR runbooks, architecture diagrams, and control evidence.
• Produce KPIs/KRIs (MTTD/MTTR, patch SLAs, phishing failure rates) for leadership.

Requirements:

Qualifications

• 3–5 years of experience in cybersecurity, SOC, incident response, or closely related IT security roles.
• Hands‑on experience with SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Defender for Endpoint), vulnerability management (e.g., Tenable, Qualys), MFA/IdP, and endpoint hardening.
• Solid grasp of networking, Windows/Linux, identity/access controls, and email/web security gateways.
• Strong analytical, written, and verbal communication skills; ability to act with autonomy (exempt‑level scope).

Preferred

• Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent experience).
• Certifications such as Security+, CySA+, GSEC, SSCP; higher‑level (CISSP, CISM) is a plus for advanced scope.
• Experience with cloud security (M365/Azure, AWS), zero‑trust, and automation/scripting (PowerShell, Python).

Work Conditions

• Periodic on‑call for security incidents; occasional after‑hours change windows.
• Ability to travel as needed for response/testing; otherwise remote.