Cybersecurity Analyst

Job Description

The Cybersecurity Analyst protects enterprise systems, data, and users by monitoring, detecting, investigating, and responding to security events. This exempt role exercises independent judgment to analyze complex alerts, improve defenses, and drive preventive controls, while partnering with the IT Director, Legal/Compliance, and business stakeholders to reduce risk.

This position will be considered fully remote, but travel will be required to UniTek locations as needed.

Job Responsibilities

Support enterprise cybersecurity in a variety of concepts including:

• Threat Monitoring & Incident Response
• Monitor SIEM and EDR tools; triage alerts, contain and eradicate threats, and perform root‑cause analysis.
• Lead incident response playbooks, coordinate post‑incident reviews, and document lessons learned.
• Vulnerability & Patch Management
• Run regular scans, validate findings, prioritize remediation based on risk, and track closure.
• Collaborate with infrastructure/app teams to align patch windows and verify fixes.
• Identity, Access & Endpoint Security
• Enforce MFA, least privilege, and privileged access reviews; support MDM and endpoint hardening baselines.
• Security Engineering & Hardening
• Tune SIEM/EDR/IDS signatures, maintain logging/alerting rules, and improve detection fidelity.
• Support firewall, proxy, email security, and zero‑trust policy updates.
• Governance, Risk & Compliance
• Map controls to frameworks (e.g., NIST CSF/800‑53, CIS), help with audits, and maintain security policies/standards.
• Contribute to third‑party risk assessments and vendor security due diligence.
• Awareness & Training
• Provide targeted user training and phishing simulations; publish tips and KB articles.
• Documentation & Metrics
• Maintain IR runbooks, architecture diagrams, and control evidence.
• Produce KPIs/KRIs (MTTD/MTTR, patch SLAs, phishing failure rates) for leadership.