Threat Detection and Response Analyst

Bachelor’s degree in Cybersecurity, Computer Science, or equivalent experience. 5–8 years of experience in cybersecurity. 3+ years focused on threat hunting, detection engineering, or incident response. Deep understanding of adversary tradecraft, the MITRE ATT&CK framework, and modern threat landscapes. Experience with SIEM, EDR, and cloud-native detection tools (e.g., CrowdStrike, Alienvault, AWS GuardDuty, Azure Defender, Elastic). Familiarity with scripting languages (Python, PowerShell, etc.). Knowledge of network protocols, operating system internals, and log analysis. Excellent written and verbal communication skills.

Perform cybersecurity threat detection, analysis, and mitigation. Conduct proactive threat hunting across systems, networks, and cloud environments. Investigate potential security incidents using various tools and logs. Collaborate with other security personnel to triage, contain, and remediate threats. Develop and tune custom detection rules, scripts, and playbooks. Design, build, and maintain scalable detection logic. Review and triage alerts and logs, escalating significant incidents. Monitor external service providers for suspicious activity. Analyze threat intelligence to anticipate attacker behavior. Document and communicate findings and recommend preventive actions. Contribute to purple team exercises and post-incident reviews. Mentor junior analysts.