Cyber Security Analyst II

3-5 years in cybersecurity 2+ years SOC experience Deep knowledge of hybrid Microsoft environments (Microsoft 365, Azure, on-premises AD) Experience with SIEM platforms and security monitoring tools Scripting proficiency (PowerShell, Python) Strong analytical and communication skills Microsoft Certified: Security Operations Analyst (SC-200) One additional security certification: EC-Council CSA, CompTIA Security+, or similar

Investigate and respond to escalated security incidents across Microsoft cloud and on-premises environments Perform advanced incident analysis using Microsoft Defender suite and Azure Sentinel Conduct security assessment of Azure/Microsoft 365 configurations and implement hardening recommendations Analyze and respond to advanced Active Directory attacks Monitor and investigate Exchange Server logs, email flow patterns, and phishing campaigns Analyze federation security including ADFS token-based attacks and SAML token manipulation Configure and tune WAF/firewall rule sets and investigate related security incidents Develop network segmentation strategies and identify lateral movement attempts Develop and maintain incident response playbooks for various attack scenarios Coordinate incident response activities with cross-functional teams