Jobs · Management · Texas

Cyber Operations Analyst

Hillwood · Dallas, TX · 3 wk ago
On-siteManagementFull-time

Responsibilities

  • Security Monitoring and Triage: Monitor and triage security alerts from tools such as SIEM, EDR/XDR, email security, identity systems, and other log sources.
  • Perform initial analysis to determine alert validity, scope, and potential impact; identify false positives and document rationale.
  • Gather and preserve relevant evidence (logs, endpoint data, email headers, timelines) and maintain clear case notes.
  • Incident Response Support and Escalation: Follow established playbooks/runbooks to handle common security events (phishing, malware alerts, suspicious logins, policy violations, etc.). Escalate confirmed or high-risk events to senior analysts/incident response leads with accurate context and recommendations.
  • Aid in containment and remediation tasks under guidance (e.g., isolating endpoints, password resets, blocking indicators, opening IT tickets).
  • Ticketing, Documentation and Communication: Own your queue: update tickets promptly, meet internal SLAs, and communicate status clearly to the cyber team and IT partners.
  • Document investigations thoroughly and consistently so others can pick up work seamlessly.
  • Operational Support and Continuous Improvement: Support routine checks and operational tasks (sensor/agent health, log onboarding validation, dashboard checks, basic reporting).
  • Identify patterns that indicate recurring issues and propose improvements (alert tuning, new detections, process changes).
  • Participate in periodic table-top exercises, lessons learned, and process refinement efforts.
  • Risk Reduction and Security Support: Assist with vulnerability management coordination (tracking findings, validating remediation, communicating with system owners).
  • Support phishing response and user-reported security concerns; help with awareness follow-ups and lessons learned.
  • Contribute to audits/questionnaires by gathering evidence and maintaining organized records (under supervision).
  • Collaborate closely with IT (networking, systems, help desk) and business partners to ensure security supports business outcomes.

Qualifications

  • Strong attention to detail and ability to follow defined processes while applying sound judgment.
  • Clear written and verbal communication skills, including the ability to document technical findings for varied audiences.
  • High level of integrity and ability to handle sensitive information with discretion.
  • Ability to manage multiple priorities in a team-oriented, fast-paced environment.
  • Foundational understanding of cybersecurity concepts, including phishing, malware, MFA, and least privilege.
  • Familiarity with industry frameworks such as MITRE ATT&CK and NIST CSF.
  • Demonstrated curiosity and willingness to learn.
  • Exposure to one or more of the following is preferred: Networking fundamentals (TCP/IP, DNS, HTTP/HTTPS, VPN), Windows security concepts (accounts, permissions, event logs), SIEM and/or EDR/XDR tools (e.g., Microsoft Defender), Vulnerability management tools (e.g., Rapid7), Microsoft 365 / Entra ID security concepts.

Similar jobs

Cyber Operations Analyst

Accenture Federal ServicesFort Meade, MD· 2 wk ago
Management$108k–$203k/yrapply on boards.greenhouse.io