Cybersecurity Analyst

Overview

The Cybersecurity Analyst plays a critical role in safeguarding the company’s digital assets and ensuring compliance with industry regulations. This role is responsible for monitoring security events, detecting threats, and responding to incidents promptly. An expert in implementing cybersecurity framework and security operations will be essential in maintaining a robust cybersecurity posture.

The Cybersecurity Analyst will lead efforts in managing Managed Service Providers providing SOC services. This role involves firsthand delivery of asset management, risk management, security operations, including monitoring security events, detecting threats, and conducting vulnerability assessments. The responsibilities extend to incident response, managing security incidents, and ensuring timely resolution and mitigation.

Additionally, Cybersecurity Analyst play a pivotal role in developing and implementing security policies, procedures, and best practices to uphold industry standards and regulatory requirements. Leading security awareness and training programs, collaborating with cross-functional teams, and driving continuous improvement in cybersecurity service delivery are also part of responsibilities.

Responsibilities

• Perform asset, threat, Vulnerability analysis to establish risk profile.
• Implement cybersecurity framework as per standards NIST/SOC2/ISO/IEC 27001.
• Develop and implement comprehensive security policies, procedures, and standards to safeguard company assets and information.
• Monitor security alerts, conduct threat detection, and manage incident response efforts.
• Collaborate with cross-functional teams and managed service providers to enhance threat intelligence and incident management capabilities.
• Conduct regular vulnerability assessments and coordinate remediation efforts.
• Ensure timely resolution of identified vulnerabilities to minimize risk.
• Host and participate in security assessment audits and develop plan in audit finding remediation efforts.
• Stay informed about industry regulations and standards (e.g., GDPR, HIPAA, FDA guidelines) and ensure compliance.
• Work closely with Data Privacy, legal and compliance teams to address any cybersecurity-related legal matters.
• Lead security awareness programs for employees, emphasizing best practices and risk mitigation.
• Provide training sessions on cybersecurity hygiene and incident response protocols.
• Manage security incidents, including containment, eradication, and recovery.
• Collaborate with external partners (e.g., Auditors, law enforcement, cybersecurity vendors) as needed.
• Drive continuous improvement initiatives within the cybersecurity operations team.
• Evaluate existing processes and technologies, recommending enhancements where necessary.
• Communicate effectively with internal business stakeholders and cybersecurity advisor board/committee.
• Implemented cybersecurity framework as per standards NIST/SOC2/ISO/IEC 27001.
• Lead MSP’s delivering NOC and SOC services.
• Developed cybersecurity metrics and reports for cybersecurity advisory board/committee.
• Developed and delivered cybersecurity awareness to entire organization.

Qualifications

• Bachelor’s degree in computer science, Information Security, or a related field.
• Relevant certifications (e.g., CISSP, CISM, CEH) preferred.
• Proven experience in security operations, incident response, and vulnerability management.
• Strong knowledge of cybersecurity frameworks (e.g., NIST, SOC2, ISO/IEC 27001) and best practices.
• Awareness of emerging threats and trends in the cybersecurity landscape.
• Excellent communication and leadership skills.
• 5 years of experience in cybersecurity or related roles.
• Experience with security tools and technologies (e.g., SIEM, IDS/IPS, firewalls).
• Demonstrated experience with cybersecurity implementations.
• Demonstrated experience in security operations, incident response, and vulnerability management.
• Knowledge of OSI model, network security, encryption, Zero Trust architecture and authentication protocols.
• Demonstrated knowledge and experience managing and working with:
  • Azure environment including O365 AD, DNS, Azure networking and security, Exchange Online.
  • Networking, WAN/LAN, TCP/IP, VPN, SDWAN.
  • Routers, firewalls, and other network devices.
  • Windows Laptops, iPad, Windows & LINUX VMs.
• Enterprise Antivirus and Endpoint Detection and Response systems.
• Proficiency in identifying and mitigating security threats.
• Experience managing NOC and SOC MSP performance.
• Excellent relationship building and people skills, including cross-cultural competence.
• Proven problem solving, critical thinking, verbal, and written communication skills.
• Experience in delivering IT SOC operations in regulated industry.
• Strong technical skills and knowledge of IT systems and
• Ability to work independently and as part of a team.