Cyber Defense Analyst

Job Summary

Required Qualifications

• Bachelor’s Degree in Computer Science, Software Engineering, Computer Engineering, or a related field is desired, or equivalent professional experience.
• At least 1 year of hands-on experience in a Cybersecurity or SOC role.
• Experience with SIEM platforms (e.g., MS Sentinel, Stellar Cyber, Google SecOps).
• Experience with EDR/XDR tools (e.g., SentinelOne, MS Defender, Cortex XDR).
• Knowledge in security infrastructure configuration (Fortinet, Palo Alto).
• Understanding of IAM concepts, including MS Entra ID.
• Experience with cloud environments (GCP, Azure).
• Familiarity with IR, threat detection, and MITRE ATT&CK framework.
• Basic scripting/querying skills (PowerShell, Python, KQL).
• Strong analytical and critical thinking skills to evaluate complex datasets and incidents.
• Excellent communication skills, both verbal and written, for reporting and collaborating with team members.
• Ability to work independently and under pressure while maintaining attention to detail.
• Knowledge with Manage Engine y Microsoft Security product
• Advanced English (required).
• You Will Be Accountable for the Following Responsibilities: Monitor, support, and configure SIEM and endpoint security tools to identify potential threats. Correlate events across endpoints, networks, identity systems, and cloud environments. Conduct initial analysis, triage, and escalation of security alerts following SOC procedures. Assist in fine-tuning detection rules and improving alert accuracy and response efficiency. Provide technical support and configuration assistance for security infrastructure and network controls. Review logs, network activity, and events to detect suspicious behaviors or misconfigurations. Collaborate with infrastructure teams to maintain secure network architecture and ensure connectivity complies with security standards. Support and configure identity protection and access monitoring tools. Analyze authentication patterns, privilege escalations, and abnormal access behaviors. Assist in enforcing secure authentication policies such as MFA and conditional access. Support endpoint protection solutions through configuration, monitoring, and troubleshooting. Validate endpoint compliance, agent health, and policy configuration across devices. Assist with containment and coordination of response actions during incidents. Monitor and assist in the configuration of security controls within cloud environments. Ensure visibility and log collection from cloud workloads into security monitoring platforms. Validate compliance of cloud resources with organizational security baselines. Document incidents, investigations, and configuration changes with accuracy. Contribute to knowledge sharing, SOC playbooks, and process improvement initiatives. Participate in post-incident analysis to identify lessons learned and optimization opportunities.
• LI-LM1

Desired Qualifications

• CompTIA Security+
• Certified SOC Analyst (CSA)
• EC-Council Certified Incident Handler (ECIH)