Cybersecurity Analyst

Essential Functions include, but are not limited to the following:

• Cloud Security - Implement, configure, and manage Microsoft Defender for Teams, SharePoint, and OneDrive. Conduct regular assessments and optimizations of Defender security policies to enhance threat detection and response capabilities. Stay abreast of Microsoft roadmap for this security suite to ensure best practices and the latest security offerings are employed. Assist with assessments of AWS and Azure security reviews.
• Email Security – Implement and maintain email security measures, Defender for Exchange policies, to mitigate email-borne threats and unauthorized access. Regularly review and update email security configurations to adapt to emerging threats and compliance requirements.
• Network Security – Analyze firewall configurations to ensure they align with security policies and best practices. Assess rules for efficacy and coherence to ensure optimal traffic flow while mitigating potential risks. Additionally, manage intrusion detection systems rule and policy configurations, fine-tuning intrusion detection systems to detect and respond effectively to emerging threats.
• Security Education - Administer the security awareness training platform to deliver annual employee training sessions, targeted training modules, and ongoing phishing campaigns. Develop metrics to measure and trend user adoption of safe cyber practices.
• Identity & Access Management - Administer and maintain AHA SSO solution to streamline user authentication processes while enforcing strong access controls and identity management policies. Configure and monitor SSO integrations for enterprise applications to ensure secure access and authentication.
• Security Incident Response – Act as primary for monitoring the cybersecurity inbox and SOC assigned investigations for suspicious activity and/or indicators of compromise. Respond promptly to investigations into potential security breaches. Implement corrective actions to mitigate risks and prevent future incidents. Function as part of the IT Incident Response Team. Manage and/or resolve incident cases generated by the security operations center (SOC) vendor.
• Network Assessments – Support penetration and vulnerability assessments by defining scopes, tracking remediations, and assisting in remediations.
• Security Documentation – Develop and maintain visual representation of firewall and IDS architecture including placement within the network, sensor configurations, and correlation strategies for effective management of these security devices.

Qualifications

Education Required

Bachelor’s or better in Computer Science or related field.

Experience Required

3 years+

•Manage security solutions/technologies for MS environments, incl Defender for Office 365 and MS Azure 

•Configure app access; secure authentication via SSO platforms 

•Configure/manage firewall rules/security policies in zero-trust model environ 

•Investigate security incidents, analyze logs, implement corrective actions to mitigate risks 

•Configure/maintain Exchange email security, incl Defender for Office 365, Exchange online protection, Exchange transport rules/email threat mitigation strats

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)