Experis
Cyber Security Operations Analyst
Long term contract
Hybrid - onsite once a week in Boston, MA
37.5 hour work week (7.5 hour work day)
Cyber Security Operations Analyst to join our dynamic Information Security team. In this role, you'll help safeguard the confidentiality, integrity, and availability of digital infrastructure. As a member of our five-person Security Operations team, you'll report to the Information Security Lead and play a critical role in threat detection, incident response, and the continuous improvement of our security posture. This is a hands-on technical position ideal for a self-starter passionate about cybersecurity and threat hunting.
Key Responsibilities Security Operations & Monitoring Respond to alerts from the Security Operations Center (SOC), Endpoint Detection and Response (EDR) systems, and identity platforms. Triage and resolve ServiceNow security tickets. Analyze daily system reports and threat intelligence feeds for actionable insights.
SIEM Management
Configure and refine alerts to enhance proactive and reactive capabilities. Maintain and optimize dashboards, queries, and data hygiene. Ensure log source enrollment and compliance with the Common Information Model (CIM).
Threat Detection & Incident Response
Conduct threat hunting using IOCs, IOAs, and emerging TTPs. Leverage SOAR workflows for automated response and remediation. Analyze web proxy and firewall traffic to detect and investigate anomalies. Participate in incident response and post-incident reviews. Continuously assess infrastructure and applications for vulnerabilities and risks.
Visibility & Compliance
Develop dashboards and reports to track security metrics and tool performance. Enhance visibility across network and endpoint environments. Recommend and implement security improvements, including system hardening and content filtering. Audit and validate the deployment and effectiveness of security controls. Ensure adherence to security policies and standards.
Vulnerability Management
Support vulnerability assessments and communicate findings to relevant stakeholders. Monitor and analyze the security posture of infrastructure and applications. Respond to alerts related to malware, breaches, zero-day threats, and trending vulnerabilities.
Additional Duties
Stay current on cybersecurity trends, threats, and regulatory developments. Recommend security solutions aligned with business needs and compliance requirements. Apply risk management frameworks effectively. Provide professional support to internal and external stakeholders. Offer deskside support for investigations and user education. Participate in emergency response efforts and provide on-call support as needed. Contribute to the ongoing enhancement of security program.
About You Required Qualifications
2+ years of experience in IT operations 2+ years of experience in cybersecurity operations Strong analytical, organizational, and communication skills Team-oriented with excellent time management Authorized to work indefinitely in the U.S.
Preferred Qualifications
Bachelor's degree in Cybersecurity, Information Security, or related field Industry certifications (e.g., CISSP, Security+) Experience in a large-scale Cyber Security Operations environment
Cyber Security Operations Analyst to join our dynamic Information Security team. In this role, you'll help safeguard the confidentiality, integrity, and availability of digital infrastructure. As a member of our five-person Security Operations team, you'll report to the Information Security Lead and play a critical role in threat detection, incident response, and the continuous improvement of our security posture. This is a hands-on technical position ideal for a self-starter passionate about cybersecurity and threat hunting.
Key Responsibilities Security Operations & Monitoring Respond to alerts from the Security Operations Center (SOC), Endpoint Detection and Response (EDR) systems, and identity platforms. Triage and resolve ServiceNow security tickets. Analyze daily system reports and threat intelligence feeds for actionable insights.
SIEM Management
Configure and refine alerts to enhance proactive and reactive capabilities. Maintain and optimize dashboards, queries, and data hygiene. Ensure log source enrollment and compliance with the Common Information Model (CIM).
Threat Detection & Incident Response
Conduct threat hunting using IOCs, IOAs, and emerging TTPs. Leverage SOAR workflows for automated response and remediation. Analyze web proxy and firewall traffic to detect and investigate anomalies. Participate in incident response and post-incident reviews. Continuously assess infrastructure and applications for vulnerabilities and risks.
Visibility & Compliance
Develop dashboards and reports to track security metrics and tool performance. Enhance visibility across network and endpoint environments. Recommend and implement security improvements, including system hardening and content filtering. Audit and validate the deployment and effectiveness of security controls. Ensure adherence to security policies and standards.
Vulnerability Management
Support vulnerability assessments and communicate findings to relevant stakeholders. Monitor and analyze the security posture of infrastructure and applications. Respond to alerts related to malware, breaches, zero-day threats, and trending vulnerabilities.
Additional Duties
Stay current on cybersecurity trends, threats, and regulatory developments. Recommend security solutions aligned with business needs and compliance requirements. Apply risk management frameworks effectively. Provide professional support to internal and external stakeholders. Offer deskside support for investigations and user education. Participate in emergency response efforts and provide on-call support as needed. Contribute to the ongoing enhancement of security program.
About You Required Qualifications
2+ years of experience in IT operations 2+ years of experience in cybersecurity operations Strong analytical, organizational, and communication skills Team-oriented with excellent time management Authorized to work indefinitely in the U.S.
Preferred Qualifications
Bachelor's degree in Cybersecurity, Information Security, or related field Industry certifications (e.g., CISSP, Security+) Experience in a large-scale Cyber Security Operations environment