Qureos

Junior Cyber Defense Operations Analyst

Cairo, Egypt | Hybrid | Full-time

About Cyber Force

Cyber Force is a cybersecurity consultancy delivering advisory, managed services, and operations to international clients. Our senior-led teams combine governance, engineering, and 24×7 response to turn cyber risk into measurable resilience.

Role Overview

We are looking for a Junior Cyber Defense Operations Analyst to join our Threat Detection & Response team as a frontline defender. You will monitor, triage, and investigate security alerts across SIEM, EDR, and XDR platforms, perform initial incident analysis, escalate confirmed threats, and maintain shift-based coverage for our managed services clients and on-site engagements. You will also leverage AI-augmented tooling and agentic SOC capabilities that Cyber Force is actively building into its detection and response workflows.

Key Responsibilities

  • Monitor security alerts from SIEM (Elastic SIEM, Microsoft Sentinel) and EDR/XDR (Defender XDR) platforms across client environments
  • Triage and investigate alerts: analyze log data, correlate events, identify IOCs, determine true vs. false positives
  • Perform initial incident response: collect artifacts, preserve evidence, escalate to Tier 2/3 with structured handoff
  • Execute detection playbooks aligned with MITRE ATT&CK
  • Analyze network traffic, endpoint telemetry, and identity/authentication logs
  • Maintain shift logs, case notes, and client-facing incident reports to SLA standards
  • Contribute to detection engineering: propose rule improvements, tune thresholds
  • Leverage AI-augmented tooling and LLM-based tools (Claude, ChatGPT) for alert enrichment and report drafting
  • Validate AI-generated investigation outputs from agentic SOC capabilities
  • Participate in purple team exercises and continuous training

Requirements

  • Bachelor’s in CS, Cybersecurity, IT, or related (or equivalent practical experience)
  • 0–1 year experience in SOC, cyber defense, or IT security (internships, labs, CTFs count)
  • At least one cert: CompTIA Security+, CySA+, BTL1, ISACA CCOA, or equivalent
  • Fluent English (written and spoken)
  • Foundational knowledge of SIEM, EDR/XDR, and log analysis
  • Networking fundamentals: TCP/IP, DNS, HTTP/S, firewalls, proxies, VPNs
  • Familiarity with MITRE ATT&CK and common adversary TTPs
  • Demonstrated experience using LLM-based tools (Claude, ChatGPT) — this is a must
  • Willingness to work rotating shifts (24/7 coverage) and deploy to client sites
  • Elastic, Microsoft Sentinel, or Defender XDR experience — a strong plus
  • VICI VCDA (Viridian Certified Defense Associate) certification — a plus
  • French language skills — a plus

Role details

Location: Cairo, Egypt
Type: Full-time
Mode: Hybrid

© 2026 Qureos. All rights reserved.