Cyber Security Analyst - Tier 3

Hiring in Hines, IL Austin, TX Martinsburg, WV All onsite positions. Two Positions: 1st shift Sunday – Thursday | 0700-1530 2nd shift Tuesday – Saturday | 0700-1530 Job Summary We are seeking a Tier 3 Cybersecurity Analyst to join our Security Operations Center, where you will lead efforts in detecting, analyzing, and responding to the most challenging cyber threats. Your responsibilities will include onboarding new detection technologies, crafting and updating incident response playbooks, and leading investigations of escalated incidents by analyzing attack patterns and determining root causes. You will act as a trusted advisor to junior analysts, providing mentorship and technical expertise during complex investigations. The role requires strong collaboration skills to work effectively with forensics, threat intelligence, and IT teams, as well as the ability to clearly communicate incident updates to management and stakeholders. You will develop advanced analytics use cases, continuously monitor and improve the efficacy of automation processes, and utilize SOAR platforms to streamline and automate response actions. Staying informed of the latest cyber threats and best practices, you will also participate in exercises and simulations to keep incident response capabilities sharp. If you are passionate about tackling sophisticated cyber threats in a high-pressure environment and making a significant impact on enterprise security, this role offers a rewarding opportunity. Requirements • Bachelor’s degree in computer science, Cybersecurity, Information Technology, or a related field (or equivalent work experience) – Must have. • 8+ years of experience supporting large-scale IT-related projects (Must have). • 7+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC) that includes monitoring of cloud environments (Must have). • Industry certifications, such as CISSP, GCIH, GCFA, CEH, or equivalent. MUST HAVE one of the following certificates is required. • A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment. • Industry certifications, such as CISSP, GCIH, GCFA, CEH, or equivalent. One of the following certificates is required. • Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools • Experience withenterprise ticketing systemslike ServiceNow. • Excellent analytical and problem-solving skills. • Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight. • Ability to learn and function in multiple capacities and learn quickly. • Strong verbal and written communication skills Responsibilities • Work with the detection engineering team to onboard and operationalizenew cloud detection tools, including Azure Sentinel, AWS Guard Duty, Netskope CASB, etc. • Develop playbooks for cloud incident response. • Lead and actively participate in the investigation, analysis, and resolution of Tier 3 and escalated cybersecurity incidents. Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences. • Serve as a cloud subject matter expert in handling incidents of varying complexity, providing guidance and support to Tier 1 and Tier 2 analysts during investigations. • Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned. Collaborate with knowledge management teams to maintain up-to-date incident response playbooks. • Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. • Communicate technical information and incident-related updates to management and stakeholders. • Develop and operationalize advanced security analytics use cases to detect and respond to sophisticated cyber threats in real-time. • Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy. • Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions. • Support the mentoring and training of more junior IR staff. • Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities. Benefits: • Our team offers a full benefits package including: • Full Medical, Dental, Prescription, and Vision health care • 11 Paid Holidays annually • Paid time off • Short Term, Long Term Disability, and Life Insurance • Employee Assistance Program (EAP) • Training and Development opportunities, including professional certification and educational reimbursement • Our team provides employment opportunities for all employees and applicants by applicable federal, state, and local laws. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Job Type: Full-time Pay: $110,000.00 - $125,000.00 per year Benefits: • Dental insurance • Employee assistance program • Health insurance • Life insurance • Paid time off • Vision insurance Application Question(s): • Do you have Industry certifications, such as CISSP, GCIH, GCFA, CEH, or equivalent.? One of the following certificates is required. Which do you have? • This position requires the ability to obtain and maintain a federal security clearance. Only U.S. citizens are eligible for this clearance. Are you a U.S. citizen? • Do you have experience in Incident Response role directly responding to, mitigating, and triaging incidents and alerts? How many years? • Do you have experience triaging alerts utilizing cloud tools such as Azure, AWS, etc.? Education: • Bachelor's (Required) Experience: • Cybersecurity Analyst: 8 years (Required) License/Certification: • CISSP, GCIH, GCFA, CEH Industry certifications? (Required) Work Location: In person