Position Summary

The Cybersecurity Analyst is responsible for contributing to a variety of cybersecurity functions within the organization. This position is pivotal in maintaining and growing a proactive cybersecurity posture within the organization by promptly addressing security events, helping contribute to our cybersecurity roadmap, and ensuring that all stakeholders are well-informed about potential threats and preventive measures. The ideal candidate for this position is someone with a great technical foundation in cybersecurity, networking, and systems who is hungry to expand on their skills to contribute to an enterprise's overall cybersecurity program.

Key Job Responsibilities

  • Investigate and respond to tickets generated by the organization's Managed Detection and Response (MDR) provider.
  • Actively engage in incident response and root cause analysis. Participate in incident response activities to analyze and remediate cyber threats.
  • Perform internal security audits to assess the organization's security posture, identify potential weaknesses, and recommend corrective measures.
  • Monitor and assess the security of cloud environments (AWS), including review of IAM policies, roles, and permissions to enforce least-privilege access and identify misconfigurations or privilege escalation paths.
  • Analyze cloud security telemetry — including AWS CloudTrail, GuardDuty, Security Hub, CloudFormation Guard and CloudWatch — to detect, investigate, and respond to suspicious activity and policy violations.
  • Educate and raise awareness among the user community about various security threats, best practices, and measures to mitigate risk.
  • Prioritize risk reduction and remediation tasks to support a vulnerability management program.
  • Develop and maintain technical procedures and playbooks focused on incident handling.
  • Communicate effectively with technical and non-technical teams while working to improve overall cybersecurity effectiveness.
  • Participate in tabletop exercises designed to simulate potential cybersecurity incidents.
  • Conduct research, analysis, and correlation of events across a wide variety of data sources.
  • Demonstrate the ability to effectively leverage AI and LLMs to drive value while proactively identifying and mitigating emerging risks.

Required Knowledge, Education, Experience, Skills, And Abilities

  • Bachelor's degree in computer science, cybersecurity or related field or equivalent work experience.
  • 2-3 years of experience in security operations, vulnerability management, security engineering, incident response, or offensive security required.
  • Conceptual and technical knowledge of modern IT environments such as server configuration/architecture, cloud, database management/configuration, networking protocols/designs, and access management/access controls.
  • Working knowledge of AWS security fundamentals, including IAM (users, roles, policies, permission boundaries, and federation), the shared responsibility model, and core security services such as CloudTrail, GuardDuty, Security Hub, Config, and KMS.
  • Familiarity with cloud identity and access management concepts — least-privilege design, role assumption (STS), policy evaluation logic, and detecting over-permissioned or stale credentials.
  • Experience monitoring cloud environments for security events and correlating cloud logs with broader SIEM/MDR data sources is preferred.
  • Strong technical skills with knowledge of a wide variety of tools and technologies, and experience deploying and monitoring these capabilities to identify cyber threats.
  • Knowledge of common cybersecurity frameworks and how to apply them, e.g., NIST CSF 2.0, MITRE ATT&CK (including the ATT&CK Cloud matrix).
  • Demonstrated interpersonal skills and ability to work effectively and collaboratively with a wide range of stakeholders.
  • Demonstrated confidence and ease in delivering clear, effective verbal and written communication.
  • Experience in scripting and programming languages such as PowerShell, Bash, or Python is preferred.
  • Cybersecurity training or certifications from organizations such as CompTIA, TCM, SANS/GIAC, OffSec, or ISC2 are preferred; AWS certifications (e.g., AWS Certified Security – Specialty or Solutions Architect Associate) are a plus.


Unsolicited Resumes from Third-Party Recruiters: We do not accept unsolicited referrals from third-party recruiters unless such recruiters are engaged and under contract to provide candidates for a specified opening. Any unsolicited resumes submitted without prior agreement will be considered the property of Barton Malow with the right to engage at our sole discretion without any obligations or fees owed.