Cybersecurity Analyst
Listed on 2026-07-09
-
IT/Tech
Cybersecurity
The Cybersecurity Analyst is responsible for contributing to a variety of cybersecurity functions within the organization. This position is pivotal in maintaining and growing a proactive cybersecurity posture by promptly addressing security events, contributing to the cybersecurity roadmap, and ensuring stakeholders are well informed about potential threats and preventive measures. The ideal candidate has a strong technical foundation in cybersecurity, networking, and systems, and is eager to expand their skills to contribute to the overall cybersecurity program.
Key Job Responsibilities- Investigate and respond to tickets generated by the organization’s Managed Detection and Response (MDR) provider.
- Actively engage in incident response and root cause analysis. Participate in incident response activities to analyze and remediate cyber threats.
- Perform internal security audits to assess the organization’s security posture, identify potential weaknesses, and recommend corrective measures.
- Monitor and assess the security of cloud environments (AWS), including review of IAM policies, roles, and permissions to enforce least‑privilege access and identify misconfigurations or privilege‑elevation paths.
- Analyze cloud security telemetry—including AWS Cloud Trail, Guard Duty, Security Hub, Cloud Formation Guard, and Cloud Watch—to detect, investigate, and respond to suspicious activity and policy violations.
- Educate and raise awareness among the user community about various security threats, best practices, and risk‑mitigation measures.
- Prioritize risk reduction and remediation tasks to support a vulnerability management program.
- Develop and maintain technical procedures and playbooks focused on incident handling.
- Communicate effectively with technical and non‑technical teams while working to improve overall cybersecurity effectiveness.
- Participate in tabletop exercises designed to simulate potential cybersecurity incidents.
- Conduct research, analysis, and correlation of events across a wide variety of data sources.
- Demonstrate the ability to effectively leverage AI and LLMs to drive value while proactively identifying and mitigating emerging risks.
- Bachelor’s degree in computer science, cybersecurity, or related field or equivalent work experience.
- 2–3 years of experience in security operations, vulnerability management, security engineering, incident response, or offensive security.
- Conceptual and technical knowledge of modern IT environments such as server configuration and architecture, cloud, database management and configuration, networking protocols and designs, and access management and controls.
- Working knowledge of AWS security fundamentals—including IAM (users, roles, policies, permission boundaries, and federation), the shared responsibility model, and core security services such as Cloud Trail, Guard Duty, Security Hub, Config, and KMS.
- Familiarity with cloud identity and access management concepts—least‑privilege design, role assumption (STS), policy evaluation logic, and detecting over‑permissioned or stale credentials.
- Experience monitoring cloud environments for security events and correlating cloud logs with broader SIEM/MDR data sources is preferred.
- Strong technical skills with knowledge of a wide variety of tools, technologies, and experience deploying and monitoring these capabilities to identify cyber threats.
- Knowledge of common cybersecurity frameworks and how to apply them, e.g., NIST CSF, MITRE ATT&CK (including the ATT&CK Cloud matrix).
- Demonstrated interpersonal skills and ability to work effectively and collaboratively with a wide range of stakeholders.
- Demonstrated confidence and ease in delivering clear, effective verbal and written communication.
- Experience in scripting and programming languages such as Power Shell, Bash, or Python is preferred.
- Cybersecurity training or certifications from organizations such as CompTIA, TCM, SANS/GIAC, Off Sec, ISC(2) is preferred; AWS certifications (e.g., AWS Certified Security – Specialty or Solutions Architect Associate) are a plus.
This position does not offer relocation assistance and is not eligible for visa sponsorship (e.g., H‑1B). Applicants must be currently authorized to work in the United States on a permanent basis and reside within a reasonable commuting distance of Southfield, Michigan.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).