IT Cyber Defense Analyst
“IT Cyber Defense Analyst. Skills: Security Incident Response, SIEM tools, EDR/XDR platforms, Log analysis. Triage security incidents. Analyze security incidents”
Industry & Context.
Analytical skills; Problem-solving skills
Rotational 24/7 shifts
What They're Looking For.
Must Have
2–4 years of experience in SOC operations
2–4 years of experience in cybersecurity
2–4 years of experience in information security
Understanding of Windows and Linux systems
Understanding of server hardening practices
Understanding of application hardening practices
Hands-on experience with Azure security services
Hands-on experience with EDR/XDR platforms
Hands-on experience with SIEM tools
Experience with Palo Alto
Experience with Cisco
Experience with IDS/IPS
Experience with DLP
Experience with MFA
Experience with encryption/key management systems
Solid understanding of networking fundamentals
Solid understanding of TCP/IP
Solid understanding of HTTP
Solid understanding of FTP
Solid understanding of SMTP
Solid understanding of DNS
Familiarity with common cyber threats
Familiarity with attack detection techniques
Scripting experience in Bash
Scripting experience in PowerShell
Scripting experience in Python
Understanding of MITRE ATT&CK
Understanding of Cyber Kill Chain
Awareness of PCI-DSS
Awareness of SOX
Awareness of HIPAA
Analytical skills
Communication skills
Problem-solving skills
Ability to work in high-pressure environments
Ability to work in rotational 24/7 shifts
Nice to Have
Knowledge of vulnerability scanning tools
Nessus experience a plus
Qualys experience a plus
Acunetix experience a plus
Metasploit experience a plus
Relevant certifications such as CompTIA Security+
Relevant certifications such as CEH
Relevant certifications such as CISSP
What You'll Do.
Triage security incidents
Analyze security incidents
Respond to security incidents
Investigate events using SIEM
Investigate events using EDR
Investigate events using XDR
Correlate logs across systems
Detect potential security breaches
Support incident escalation
Coordinate incident resolution
Identify SIEM rule optimization opportunities
Reduce false positives
Improve alert accuracy
Monitor threat intelligence feeds
Monitor vendor alerts
Identify emerging vulnerabilities
Identify emerging risks
Collaborate to prioritize remediation
Track mitigation efforts
Assist in developing procedures
Assist in maintaining procedures
Assist in developing playbooks
Assist in maintaining playbooks
Assist in developing documentation
Assist in maintaining documentation
Support security tooling improvements
Participate in continuous monitoring
Ensure security posture alignment
How You'll Work.
Team & Collaboration
Coordinate with SOC leadership; Coordinate with infrastructure teams; Coordinate with business units; Collaborate with IT teams; Collaborate with security teams
Full Job Description
## Accountabilities

Triage, analyze, and respond to security incidents identified through SOC monitoring tools and security alerts.
Monitor and investigate events using SIEM, EDR, and XDR platforms such as Splunk, Rapid7, ArcSight, or similar technologies.
Perform log analysis and correlation across multiple systems to detect threats, anomalies, and potential security breaches.
Support incident escalation and coordination with SOC leadership, infrastructure teams, and business units for resolution.
Identify opportunities to optimize SIEM rules, reduce false positives, and improve automation and alert accuracy.
Monitor threat intelligence feeds and vendor alerts to proactively identify emerging vulnerabilities and risks.
Collaborate with IT and security teams to prioritize vulnerability remediation and track mitigation efforts.
Assist in developing and maintaining incident response procedures, playbooks, and SOC documentation.
Support security tooling improvements, dashboards, and reporting for operational and executive visibility.
Participate in continuous monitoring of enterprise environments to ensure compliance and security posture alignment.

## Requirements

2–4 years of experience in SOC operations, cybersecurity, or information security roles within enterprise environments.
Strong understanding of Windows and Linux systems, including server and application hardening practices.
Hands-on experience with security tools including Azure security services, EDR/XDR platforms (e.g., CrowdStrike, Microsoft Defender), and SIEM tools.
Experience with security platforms such as Palo Alto, Cisco, IDS/IPS, DLP, MFA, or encryption/key management systems.
Solid understanding of networking fundamentals including TCP/IP and protocols such as HTTP, FTP, SMTP, and DNS.
Familiarity with common cyber threats such as DDoS, SQL injection, XSS, reconnaissance, and attack detection techniques.
Knowledge of vulnerability scanning tools such as Nessus, Qualys, Acunetix, or Metasploit is a p