Security Analyst – Cyber Defense Analyst

Job not on LinkedIn

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Thinkahead Consultant Psychologist Pty Ltd

WebsiteLinkedInAll Job Openings

1 - 10 employees

Thinkahead is a privately owned psychology firm working across both the clinical field of private practice as well as corporate consulting space.

📋 Description

• Monitor, triage, and analyze security alerts, telemetry, and log data across enterprise security platforms, including SIEM and other detection technologies. • Perform in-depth analysis of exploits, attacker behavior, and anomalous activity across endpoint, identity, network, cloud, and application data sources. • Review and correlate security events in the SIEM to identify threats, validate detections, and support timely incident declaration and escalation decisions. • Document investigative findings, response actions, and evidence throughout the incident lifecycle, and provide timely status updates to leadership and stakeholders. • Conduct proactive threat hunting and threat research to identify emerging risks, adversary techniques, and gaps in current detection coverage. • Contribute to detection engineering and response automation efforts that improve Cyber Defense monitoring and containment capabilities. • Support security tooling operations by helping maintain the effectiveness, reliability, and visibility of core defensive technologies used by the Cyber Defense team. • Assist with the development and refinement of incident response processes, playbooks, workflows, and operational procedures to improve overall Cyber Defense effectiveness. • Communicate intrusion activity, incident details, threat trends, and recommended actions clearly to internal stakeholders and leadership. • Partner with infrastructure teams and system owners to review vulnerability findings, help prioritize remediation, and track closure of high-risk issues.

🎯 Requirements

• 5+ years of experience in information security, ideally including direct experience in incident response, cyber defense, or security operations in a corporate or enterprise environment • Hands-on experience with SIEM platforms, including creating and using searches, dashboards, alerts, and investigations; experience with CrowdStrike NG-SIEM strongly preferred • Experience with Microsoft 365 security technologies, including Microsoft Defender XDR for email, identity, and collaboration platforms • Basic knowledge of networking concepts and cloud environments, including AWS and Azure • Foundational knowledge of Windows and macOS • Strong written and verbal communication skills, including clear incident documentation and the ability to communicate technical findings to non-technical stakeholders in a global environment • Familiarity with MITRE ATT&CK, NIST CSF, CIS Controls, or similar security frameworks is preferred • Basic familiarity with scripting or query languages such as PowerShell, Python, or similar to support automation and analysis is preferred • Experience supporting vulnerability management processes using tools such as Tenable and Wiz, including triage, validation, prioritization, and remediation tracking is preferred • Bachelor's Degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field

🏖️ Benefits

• Comprehensive health insurance coverage for employees, with options to extend coverage to dependents • Paid time off and company holidays, along with additional leave benefits as per policy • Flexible work arrangements, supporting work-life balance • Learning and development opportunities to support continuous growth and upskilling • Employee wellness initiatives and programs focused on physical and mental well-being • Retirement and statutory benefits in line with India regulations • Inclusive and people-first culture, with a strong focus on collaboration and ownership