Cybersecurity Analyst
The Cybersecurity Analyst strengthens endpoint, identity, and detection controls by operating and improving EDR, SIEM, vulnerability management, Microsoft Entra ID (formerly Azure AD) and Active Directory, and security awareness programs while supporting real-world investigations.
This is a hands-on analyst role; compensation and scope reflect direct ownership and operation of security tools rather than a purely advisory or architectural function.
Duties and Responsibilities
- Monitor SIEM and EDR alerts, investigate and document findings, escalate per runbooks, and tune detections to reduce noise while maintaining coverage
- Perform root-cause analysis of incidents where applicable
- Conduct periodic threat hunting aligned with current attacker techniques
- Maintain EDR policies, agent health, and containment workflows, and coordinate remediation with IT operations
- Perform vulnerability scans, prioritize CVEs, drive patching or mitigations, track SLAs, and report risk trends
- Enforce MFA and Conditional Access, review privileged access, and support identity hardening and authentication policies
- Plan and execute phishing simulations and role-based security awareness training, reporting metrics and driving behavior improvement
- Develop SIEM analytics and playbooks, enrich detections, and support incident response and post-incident reviews
- Maintain procedures and evidence, support audit and risk activities, and contribute to the security policy lifecycle
Requirements
Education:
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field preferred. Equivalent relevant work experience may be substituted.
Experience:
1–5+ years in cybersecurity or IT operations, or equivalent hands-on experience. Candidates are expected to be comfortable working directly in security tools; depth of responsibility will align with experience. Preferred hands-on experience in several of the following areas:
- EDR policy management, investigations, and containment
- Alert triage, query development, dashboards, and runbooks
- Vulnerability scanning, prioritization, and remediation
- Microsoft Entra ID (formerly Azure AD) and Active Directory, including MFA, Conditional Access, and privilege hygiene
- Cybersecurity awareness training and phishing campaigns with metrics reporting
- PowerShell: ability to read and modify basic scripts; advanced scripting a plus
- Familiarity with ticketing and change management
- Clear incident documentation and concise stakeholder updates
- Experience supporting audits or security questionnaires
Skills/Knowledge:
- Security Tooling (transferable): SIEM (Microsoft Sentinel, Splunk, ConnectWise), EDR (CrowdStrike, SentinelOne, Microsoft Defender), vulnerability management (Tenable, Qualys), and security awareness platforms (KnowBe4)
- Working knowledge of security frameworks (NIST CSF, 800-53/800-171, CIS Controls)
- Azure and Microsoft 365 security fundamentals, detection tuning and automation using KQL and PowerShell
- Comfortable learning new tools and techniques while working on real investigations
Other:
- Separates signal from noise and uses data to justify tuning and remediation
- Drives incidents and vulnerabilities to closure with cross-functional teams
- Balances security controls with user experience and operational impact
- Translates technical risk for non-technical audiences