Jobs · Information Technology · Tennessee

Cyber Security Analyst

Boston Government Services, LLC (BGS) · Knoxville Metropolitan Area · 3 wk ago
Information TechnologyFull-time

Duties/Responsibilities

  • Resetting user passwords for cause (e.g., when they have been identified as being suspected compromised or 'known compromised').
  • Working with service owners to reset service account passwords for various reasons.
  • Ensuring authorizers are designated for in-scope accounts.
  • Analyzing usage patterns for accounts (e.g., service, administrative) to identify inactive accounts or inappropriate account use.
  • Reviewing approval requests for various new access or accounts.
  • Triaging unusual access requests (e.g., access from 3rd party VPN providers, impossible travel) or phishing reports.
  • Evaluating endpoint and detection response (EDR) installation and coverage.
  • Identifying systems without EDR and providing to IT teams for remediation.
  • Monitoring external attack surface for unapproved systems, undocumented systems, and newly disclosed vulnerabilities.
  • Reviewing systems with existing public access to ensure requirements for these systems are followed (e.g., event logging, multifactor authentication).
  • Attending online/Teams meetings with team and others as appropriate.
  • Working with team to provide status on current tasks, suggest improvements, discuss implementation, etc.

Requirements

  • 1–3 years in a SOC, cyber security 'blue team', or closely related role.
  • A strong grasp of TCP/IP, OSI model, and common protocols (HTTP, DNS, SMTP).
  • Windows/Linux/macOS fundamentals; Active Directory/Azure AD concepts; basic cloud logging.
  • Experience with at least one SIEM and one EDR/XDR platform.
  • Experience with ticketing/case management.
  • Ability to craft queries using common languages; comfort with regex, JSON and APIs; basic scripting in Python/PowerShell/Bash.
  • Excellent analytical, problem-solving, and communication skills both with stakeholders, peers, and internal customers; able to operate under pressure in a shift or on-call environment.
  • Must be a U.S. citizen.
  • Successful drug screening.

Preferred Qualifications

  • 3–5 years relevant experience including investigations, data analysis, and detection tuning.
  • Comfort using Splunk Processing Language (SPL), CrowdStrike EDR, and ServiceNow.
  • Experience with SOAR tools and automation development.
  • Experience using identity security/management tools (e.g., Entra ID, Active Directory, Shibboleth, CrowdStrike Identity Protection).
  • Cloud security experience (e.g., CloudTrail/GuardDuty, Azure Defender/M365, GCP Security Command Center).
  • Basic forensics skills and network analysis fundamentals (host triage, timelines, artifact analysis, packet/PCAP review).
  • Understanding of the Cyber Security Framework (CSF) and NIST 800-53 controls.

Similar jobs

Cyber Security Analyst

Tata Consultancy ServicesWhippany, NJ· 2 wk ago
Information Technologyapply on ibegin.tcsapps.com

Cyber Security Analyst

Ohio CatBroadview Heights, OH· 6 days ago
Information Technologyapply on careers.ohiomachinery.com

Cyber Security Analyst

LeidosFort Meade, MD· 6 days ago
Information Technology$108k–$195k/yrapply on careers.leidos.com