Cybersecurity Analyst
Role details
Job location
Tech stack
Job description
The Cybersecurity Analyst is the operational owner of KPI Solutions' day-to-day information security program. The role provides 24/7 detection, analysis, response, containment, and remediation of threats directed against KPI, and serves as the principal technical contact for KPI's security tooling (SIEM/EDR, email security, MDM, IAM, PAM) and for KPI's compliance programs (SOC 2 Type 2 plus partner and internal policy frameworks). The Analyst partners with IT Operations/Infrastructure, IT Compliance, business units, vendors, and clients to continuously strengthen KPI's security posture., * Monitor SIEM/alerts (Rapid7 InsightIDR, Microsoft Defender, Abnormal Security) on a 24/7 basis across KPI networks, servers, cloud platforms, and endpoints.
- Monitor for and respond to security alerts; perform first-level triage, containment, and isolation/restoration of affected systems.
- Conduct intrusion detection analysis, correlate events across systems, and document formal technical incident reports (e.g., Jira incident write-ups).
- Lead investigations of phishing, account compromise, and token-theft events, including mailbox review, removal of malicious inbox rules, and data-exposure assessment.
- Coordinate Security Incident Follow-up cadence with MDR/MSSP partners and execute response playbooks.
SOC 2 & Audit Readiness
- Provide control evidence to auditors and supply logs, screenshots, and exported configurations on request.
- Serve as the primary technical contact for the SOC 2 Type 2 audit and the Ares Cyber Program quarterly reviews.
- Maintain logs and reports required for ongoing audit readiness and remediation tracking.
Privileged Access Management (PAM)
- Define PAM policies and implement supporting tooling.
- Perform recurring privileged-access reviews, monitor usage/logs, and track exceptions.
- Review and approve or deny privileged access requests.
Device & Patch Management
- Define endpoint security baselines and track policy compliance across managed devices.
- Monitor EDR/NGAV coverage and disk encryption (BitLocker, USB encryption) and maintain audit trail.
- Partner with IT Operations and Compliance to validate Intune/ManageEngine patch deployment and address vendor-reported critical vulnerabilities.
Mail & DNS Security
- Design and maintain SPF/DKIM/DMARC, tune phishing filters (Abnormal/Defender), and track mail security settings.
- Investigate mail-borne threats, manage quarantine release decisions, and ensure audit coverage of mail security controls.
Backups & Disaster Recovery
- Review backup security configurations, validate encryption, and participate in DR testing.
- Log DR test results and prepare related audit artifacts.
Network Security
- Define network segmentation requirements and ensure segmentation policy is enforced.
- Maintain audit evidence for VLAN/firewall configurations and tune IDS/IPS/SIEM detections.
Asset Tracking
- Classify critical assets, maintain the asset control matrix, and map assets to audit scope.
- Flag unmanaged or "Not Monitored" devices and drive remediation.
Data Loss Prevention (DLP)
- Tune DLP rules, deploy/maintain agents, and review DLP incidents.
- Partner with the Compliance Analyst to identify client data and intellectual property requiring protection.
MDM / MAM
- Enforce app protection and configure Intune/MDM device compliance policies.
- Track enrollment status and monitor access from managed devices.
Identity & Access Management
- Drive SSO rollouts and conditional access design via Microsoft Entra.
- Perform monthly roster / ADP-to-AD reconciliation and produce active employee/contractor lists for leadership and audit.
- Audit offboarding to ensure terminated accounts remain disabled.
- Monitor for non-compliant platform usage and intervene as required to ensure compliance with KPI policies.
Security Awareness
- Run phishing simulations (Microsoft Attack Simulation) and assign role-based training through KnowBe4, including Snyk for engineering staff.
- Customize training content, track completion, escalate non-completion, and share threat trends with the organization.
Policy, Documentation & Reporting
- Author and maintain enterprise security documents (policies, standards, baselines, guidelines, procedures) in Vanta, including the Incident Response Plan and Operations Security Policy.
- Compile and analyze data for management reporting, KPIs, and the Monthly Vulnerability & Risk Register Review and Weekly Threat Intelligence Review.
- Monitor threat intelligence feeds and apply MITRE ATT&CK and similar frameworks to identify TTPs.
Vendor & Tool Management
- Serve as technical evaluator and primary point of contact for security vendors (Rapid7, Insight Assurance, Abnormal, KnowBe4, Intrust IT, Securden, Vanta, JFrog, Salesforce Security).
- Coordinate penetration testing engagements and review deliverables.
Requirements
Do you have experience in Vuls?, * BS/BA in Computer Science, Electrical Engineering, Information Security, or related field. Equivalent experience will be considered.
- Progressive experience in software, automation, or logistics environments characterized by service, employee engagement, and a culture of accountability.
- Hands-on experience administering SIEM/EDR (Rapid7 preferred), Microsoft Defender, Abnormal Security or comparable email security, KnowBe4 or comparable SAT platform, Intune, and a PAM tool such as Securden.
- Working knowledge of SOC 2 Type 2 evidence collection and audit support.
- Strong organizational, project management, and written/oral communication skills; ability to build relationships and establish trust at all levels.
- High ethical and professional standards; self-starter, decisive, high energy.
Skills and platform experience considered a plus:
- Microsoft Purview / Data Protection
- Microsoft Intune
- Rapid 7
- MS O365 / Azure
- SharePoint
- Vanta
- MITRE ATT&CK proficiency
- Industry cybersecurity certifications (Security+, CySA+, CISSP, etc.)
Benefits & conditions
Pulled from the full job description
- Pet insurance
- AD&D insurance
- 401(k)
- Health insurance
- Paid time off
- Vision insurance
- Dental insurance