Security Analyst

Bachelor s or Master s degree in Information Technology, Computer Science, Cybersecurity, or a related field, or equivalent practical experience. 6+ years of experience in cybersecurity operations, red teaming, or threat hunting. Deep understanding of the MITRE ATT&CK framework, threat actor tactics, techniques, and procedures (TTPs), and common attack vectors. Strong expertise in attack surface management, vulnerability management, cloud security, network security, and cyber hygiene. Experience implementing security controls across multi-cloud environments (AWS, Azure, Google Cloud Platform). Advanced knowledge of enterprise IT architecture, networking, system administration, and data flows across systems. Proficiency in scripting and automation (e.g., Python, PowerShell) to enhance operational efficiency. Hands-on experience with OSINT and reconnaissance methodologies. Familiarity with offensive security methodologies and ethical hacking practices. Strong understanding of regulatory and compliance frameworks (e.g., PCI, SOC 2) and associated controls. Experience developing and scaling attack surface management capabilities, including mentoring junior analysts. Knowledge of integrating security into CI/CD pipelines and modern DevSecOps practices. Strong leadership, communication, and stakeholder management skills. Preferred certifications: OSCE, GREM, CISSP. Awareness of emerging technologies, including the application of AI within the attack surface management domain