14553 – Security Analyst (Hybrid) – Tallahassee, FL
Start Date: ASAP
Type: Temporary Project
Estimated Duration: 12+ months with possible extensions
Work Setting: Hybrid.
Only candidates able to relocate as required should apply to avoid removal from future consideration.
Required:
• Experience with combined IT and security work within a cybersecurity discipline (4+ years);
• Experience with KQL, Python, PowerShell, or batch scripting (3+ years);
• Experience with cloud computing and cloud computing security (2+ years);
• Experience with security issues, techniques, and implications across computer platforms;
• Experience with regulatory frameworks including NIST 800-53r5, CJIS Security Policy, and 60GG-2;
• Experience with MITRE framework including TTPs;
• CJIS certification (or ability to obtain).
Preferred:
• Cybersecurity certifications such as Security+, CySA+, Network+, SSCP, CISSP, CCSP, SecurityX/CASP+, or PenTest+;
• Bachelor's degree or higher in Computer Science, Information Security, or a related field.
Responsibilities include but are not limited to the following:
• Monitor security platforms including SIEM, EDR, and cloud-native security tools for indicators of compromise, indicators of attack, and incident response requirements;
• Utilize Microsoft Defender XDR components (Endpoint, Cloud Apps, Identity, Office 365) for monitoring, analysis, and response;
• Identify, triage, and investigate phishing incidents, including those submitted manually by end-users;
• Perform Identity and Access Management activities with a focus on identifying and managing risky users, risky sign-ins, and sign-in event correlation;
• Conduct in-depth investigations of security alerts, perform triage, and escalate or resolve incidents according to established procedures;
• Maintain, tune, and optimize security detection rules, alerts, and automations to reduce false positives and improve detection accuracy;
• Produce thorough documentation including after-action reports, lessons learned, and security reporting aligned with incident severity and organizational standards.