CyberSheath
Overview
CyberSheath Services International LLC is a rapidly growing Security and IT Managed Services Provider focused on Cybersecurity for the Defense Industrial Base (DIB). We are expanding and seeking a Cyber Security Analyst to join our Security Operations team. CyberSheath integrates compliance and threat mitigation efforts and helps clients optimize security investments. Our professionals guide clients on where to invest and how to integrate existing efforts to deliver improved security. This role is suitable for self-motivated individuals who can work independently and wear multiple hats in a fast-growing environment. Budgeted Pay Range:
$70,000—$100,000 USD Responsibilities
Investigate and respond to escalated security incidents across Microsoft cloud and on-premises environments Perform advanced incident analysis using Microsoft Defender suite and Azure Sentinel Conduct security assessments of Azure/Microsoft 365 configurations and implement hardening recommendations Analyze and respond to advanced Active Directory attacks (Kerberoasting, Pass-the-Hash, Golden Ticket) Monitor and investigate Exchange Server logs, email flow patterns, and phishing campaigns Analyze federation security including ADFS token-based attacks and SAML token manipulation Configure and tune WAF/firewall rule sets and investigate related security incidents Develop network segmentation strategies and identify lateral movement attempts Develop and maintain incident response playbooks for various attack scenarios Coordinate incident response activities with cross-functional teams Required Qualifications
3-5 years in cybersecurity with 2+ years SOC experience Deep knowledge of hybrid Microsoft environments (Microsoft 365, Azure, on-premises AD) Experience with SIEM platforms and security monitoring tools Scripting proficiency (PowerShell, Python) Strong analytical and communication skills Microsoft Certified: Security Operations Analyst (SC-200) One additional security certification: EC-Council CSA, CompTIA Security+, or similar Preferred Qualifications
Microsoft Certified: Azure Security Engineer (AZ-500) Microsoft Certified: Identity and Access Administrator (SC-300) CrowdStrike Certified Falcon Responder (CCFR) or equivalent EDR certification CISSP, SSCP, CCSP Skills & Expertise
Strong Proficiency with Microsoft Defender suite (Endpoint, Office 365, Identity, Cloud Apps) Azure Sentinel KQL query development and alert configuration Azure AD/Entra ID security configuration and attack path analysis Active Directory security assessment including GPOs, trust relationships, and delegation Email security and phishing detection/response Cloud security posture management Incident handling and digital forensics Threat intelligence analysis and implementation Work Environment
CyberSheath is a fully remote organization and this will be a work-from-home position This schedule entails working every other weekend Travel requirements: 0-5% yearly CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, disability, or other status.
#J-18808-Ljbffr
CyberSheath Services International LLC is a rapidly growing Security and IT Managed Services Provider focused on Cybersecurity for the Defense Industrial Base (DIB). We are expanding and seeking a Cyber Security Analyst to join our Security Operations team. CyberSheath integrates compliance and threat mitigation efforts and helps clients optimize security investments. Our professionals guide clients on where to invest and how to integrate existing efforts to deliver improved security. This role is suitable for self-motivated individuals who can work independently and wear multiple hats in a fast-growing environment. Budgeted Pay Range:
$70,000—$100,000 USD Responsibilities
Investigate and respond to escalated security incidents across Microsoft cloud and on-premises environments Perform advanced incident analysis using Microsoft Defender suite and Azure Sentinel Conduct security assessments of Azure/Microsoft 365 configurations and implement hardening recommendations Analyze and respond to advanced Active Directory attacks (Kerberoasting, Pass-the-Hash, Golden Ticket) Monitor and investigate Exchange Server logs, email flow patterns, and phishing campaigns Analyze federation security including ADFS token-based attacks and SAML token manipulation Configure and tune WAF/firewall rule sets and investigate related security incidents Develop network segmentation strategies and identify lateral movement attempts Develop and maintain incident response playbooks for various attack scenarios Coordinate incident response activities with cross-functional teams Required Qualifications
3-5 years in cybersecurity with 2+ years SOC experience Deep knowledge of hybrid Microsoft environments (Microsoft 365, Azure, on-premises AD) Experience with SIEM platforms and security monitoring tools Scripting proficiency (PowerShell, Python) Strong analytical and communication skills Microsoft Certified: Security Operations Analyst (SC-200) One additional security certification: EC-Council CSA, CompTIA Security+, or similar Preferred Qualifications
Microsoft Certified: Azure Security Engineer (AZ-500) Microsoft Certified: Identity and Access Administrator (SC-300) CrowdStrike Certified Falcon Responder (CCFR) or equivalent EDR certification CISSP, SSCP, CCSP Skills & Expertise
Strong Proficiency with Microsoft Defender suite (Endpoint, Office 365, Identity, Cloud Apps) Azure Sentinel KQL query development and alert configuration Azure AD/Entra ID security configuration and attack path analysis Active Directory security assessment including GPOs, trust relationships, and delegation Email security and phishing detection/response Cloud security posture management Incident handling and digital forensics Threat intelligence analysis and implementation Work Environment
CyberSheath is a fully remote organization and this will be a work-from-home position This schedule entails working every other weekend Travel requirements: 0-5% yearly CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, disability, or other status.
#J-18808-Ljbffr