- Company Name
- Wrench Group
- Job Title
- Cybersecurity Analyst
- Job Description
-
**Job title:** Cybersecurity Analyst
**Role Summary:**
Responsible for monitoring, investigating, and responding to security alerts within a Corporate Security Operations Center (SOC). Conducts Tier 2 incident handling, manages advanced security tooling (SIEM, EDR, threat intelligence platforms), and develops automation playbooks to enhance detection and response capabilities. Supports governance, legal hold processes, and delivers actionable reports to executive stakeholders.
**Expectations:**
* Demonstrated analytical ability to interpret complex threat data and anticipate adversarial tactics.
* Proficiency in threat & kill‑chain understanding, incident response, and security tooling.
* Ability to collaborate across IT, managed security services, and business units.
* Strong communication skills for reporting and stakeholder engagement.
**Key Responsibilities:**
- Review, triage, and investigate SIEM and detection platform alerts; provide real‑time Tier 2 SOC support.
- Release validated quarantined or trapped emails while ensuring policy compliance.
- Document findings, actions, and remediation steps per internal procedures.
- Configure, tune, and maintain security tools (Darktrace, Cylance, Microsoft Defender for Endpoint, Rapid7, etc.).
- Develop and maintain automation scripts and playbooks (PowerShell, Python) to improve detection and response.
- Monitor telemetry flow into SIEM; optimize alerting and reporting.
- Participate in continuous improvement of detection rules and processes.
- Support legal hold implementation and data governance; handle confidential HR/Legal matters with discretion.
- Produce clear, actionable cybersecurity reports for executive leadership and operational teams.
- Stay updated on emerging threats, vulnerabilities, and best practices; manage multiple priorities in a dynamic environment.
**Required Skills:**
- 3+ years SOC operations or cyber threat analysis experience.
- Hands‑on with Darktrace, Cylance, MDE, Rapid7, and SIEM platforms.
- Strong knowledge of email security, endpoint protection, and network monitoring.
- Scripting proficiency (PowerShell, Python) for automation.
- Solid understanding of threat lifecycle, attack techniques, and defensive strategies.
- Excellent analytical, problem‑solving, and communication skills.
**Required Education & Certifications:**
- Bachelor’s degree or equivalent in Cybersecurity, Information Technology, or related field.
- Relevant certifications (e.g., CompTIA Security+, GCIH, CEH, CCSP, CISSP) preferred.