Cyber Security Analyst (Azure)

A travel client based in Woodland Hills is seeking a Level 2 Cyber Security Analyst to join their cybersecurity team, which consists of approximately ten members, including analysts, engineers, and project managers. This role is integral to identifying, analyzing, and responding to security incidents across the organization's Azure-based environment. Key responsibilities include monitoring security alerts, conducting in-depth investigations, and escalating complex threats when necessary. The cloud infrastructure is centered on Microsoft Azure and includes tools such as Microsoft Sentinel, Microsoft Defender for Endpoint (MDE), Cloud Security Posture Management (CSPM), Data Loss Prevention (DLP), Microsoft Baseline Environment (MBE), among others. The analyst will be responsible for executing KQL queries and performing threat hunting within the Microsoft ecosystem. A strong foundation in Azure security services, SIEM tools, and network security principles is essential.

The role's time allocation is approximately:

• 30% incident response (with a 1-hour SLA)
• 30% validating security posture and risk levels with cross-functional teams
• 20% monitoring the InfoSec mailbox to identify phishing attempts and end-user reports (1-hour SLA)
• 20% supporting ongoing security projects While critical incidents are rare, they carry a 15-minute SLA. Projects may include achieving NIST 3.0 compliance, enhancing documentation standards, implementing Azure security plugins, and more. This is a hybrid role requiring on-site presence in Woodland Hills, CA three days per week-Monday, Wednesday, and Thursday.

• 3+ years of cybersecurity experience, specifically in Azure security/Microsoft Sentinel environments
• Proficiency with KQL queries for data exploration, anomaly detection, and pattern analysis (in Sentinel)
• (Queries and table questions will come up on the interview) Advanced threat hunting - part of Microsoft Defender for cloud apps

Nice to Have Skills & Experience

• Exposure to NIST 3.0 framework

• Experience with PCI audits

• Azure certifications

• Experience with AWS CloudWatch and CloudTrail

• Solid understanding of networking, virtual machines, and experience with Palo Alto firewalls Strong documentation and project management skills using tools like Jira, SharePoint, and ServiceNow

• Experience in enterprise-scale environments (any industry)

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.