Cybersecurity Analyst

Summary of Position

The Cybersecurity Analyst will primarily lead incident response efforts, including threat detection, investigation, and remediation, while also supporting security operations, tool enhancements, and risk assessments within the global infrastructure.

Work Schedule: 9am - 5pm, hybrid schedule, on-site 2 days a week

Essential Functions

Primary Responsibilities: Incident Response & Security Operations:

• Lead and manage cybersecurity incident response efforts, ensuring timely detection, analysis, containment, and remediation of security incidents.
• Monitor and analyze alerts from security tools such as EDR, SIEM, investigating potential threats and escalating as needed.
• Perform threat hunting to proactively identify and mitigate security risks.
• Collaborate with central team to analyze indicators of compromise and execute appropriate incident response actions.
• Track security operations metrics (KPIs, alert levels, and communication strategies) to improve threat detection and response capabilities.

Secondary Responsibilities: Security Operations & Strategy:

• Support and enhance IT security operations, ensuring daily security monitoring and response.
• Provide guidance and escalation support on all security functions.
• Contribute to the design, maturity, and continuous improvement of security operations tools, methodologies, and processes.
• Assess IT changes and projects from a cybersecurity perspective and propose adequate security measures.
• Assist in the deployment, operation, and ongoing development of security tools and technologies.
• Adhere to internal company policies and processes advised by respective internal teams; Compliance, HRSOPs, etc.
• Must maintain operational compliance with US and international regulatory agencies and guidelines (i.e. FDA<EU, HC, TGA, PIC/S, ISO, USP, NRC, cGMP, etc.).

Requirements

• 3+ years’ hand-on experience in incident detection and response, threat hunting and security monitoring.
• 3+ years’ experience with SIEM and XDR tools. 
• Ability to identify and propose solutions that improve security capabilities and drive operational efficiencies. 
• Familiarity with common network, system, infrastructure, and web application attack vectors and related mitigation strategies.
• Effective communication in English to translate technical risks and exposures to the business.
• Ability to participate in IT projects as a cyber security representative and the ability to independently manage security projects. 
• Excellent analytical, troubleshooting, and interpersonal skills.
• CISSP certification is considered an advantage. 
• Advanced certifications such as SANS GIAC/GCIA/GCIH and/or SIEM-specific training and certification considered as advantage. 
• Familiar with MITRE ATT&CK framework, NIST Incident Response process or ISO27000 standards considered as advantage.

Working Conditions:

• Standard office environment.
• Willingness to work in a team-based environment.
• Close attention to detail required.
• May be required to sit or stand for long periods of time while performing duties .
• Must be able to work outside of regular work hours, including off shift, weekend, and holiday work as business needs require. 

Competencies