Technical Cybersecurity Analyst-US Citizens ONLY Federal

United Global Technologies
On-site
Menlo Park, California, United States
Cybersecurity

Job Summary

We are seeking a highly skilled and motivated Technical Cybersecurity Analyst to join our Cybersecurity team. The ideal candidate will bring hands-on experience across multiple cybersecurity domains including Vulnerability Management, Incident Response, and Penetration Testing. This role requires a proactive and analytical thinker with a strong technical foundation to detect, respond to, and prevent cyber threats.

Key Responsibilities

Vulnerability Management:
- Conduct regular vulnerability scans using Nessus.
- Analyze and prioritize vulnerabilities based on criticality and exposure.
- Work with infrastructure and development teams to track remediation and verify fixes.

Incident Response:
- Assist in handling security incidents through identification, containment, eradication, recovery, and lessons learned.
- Perform root cause analysis using available tools.
- Maintain and refine incident response runbooks and playbooks.

Penetration Testing:
- Perform penetration tests on internal and external assets including networks and applications.
- Identify misconfigurations, exploit vulnerabilities, and demonstrate potential impacts.
- Document findings and assist teams in implementing remediation measures.

Desired Certifications (any of the ones below)

SANS / GIAC Certifications:
- GCIH – GIAC Certified Incident Handler
- GCIA – GIAC Certified Intrusion Analyst
- GPEN – GIAC Penetration Tester

Other Recognized Certifications:
- OSCP – Offensive Security Certified Professional
- CEH – Certified Ethical Hacker

Technical Stack & Tools

Monitoring & Detection:
- Zeek, PAN – Network protocol analysis and traffic monitoring
- Splunk – SIEM for real-time alerting and correlation
- CrowdStrike Falcon – Endpoint detection and threat hunting
- Carbon Black – Endpoint and behavior-based analytics

Vulnerability Management:

- Nessus – Vulnerability scanning and risk assessment

Penetration Testing & Red Teaming:

- Burp Suite – Web application vulnerability scanning and testing
- Metasploit – Exploitation framework
- Nmap – Network scanning and host discovery
- Cobalt Strike – Red teaming and adversary simulation
- Kali Linux – Security auditing and pen-testing tools
- BloodHound – Active Directory attack path analysis

Scripting & Automation:

- Python – Custom scripts, automation, and data parsing
- PowerShell – Windows incident response and automation
- Bash – Linux scripting and automation