IT Cybersecurity - IT Security Analyst

Job Description The Global IT Security Analyst is a critical role responsible for monitoring, detecting, investigating, and responding to cybersecurity threats across our global environment. This is an ideal opportunity for someone motivated by hands-on incident response, cross-functional collaboration, and strengthening the security posture of systems, infrastructure, and end-user computing. We are looking for an individual with strong technical depth and the judgment to prioritize and drive incidents to resolution, while clearly communicating impact, status, and next steps to both technical teams and business partners. You will help build repeatable response playbooks and partner with end users to improve security awareness and reduce risk. Primary Accountabilities: Monitor, triage, and investigate security alerts using SIEM and endpoint detection and response (EDR) tooling; validate severity and scope, and document findings. Execute and continuously improve incident response processes (prepare, detect, contain, eradicate, recover); develop and maintain playbooks and runbooks for common scenarios (phishing, malware, account compromise, ransomware). Perform incident investigation and analysis using logs and telemetry (identity, endpoint, network, cloud); conduct basic packet and host analysis as needed to determine root cause and attacker activity. Coordinate incident response with the SOC/MDR provider and internal teams (IT, Infrastructure, HR, Legal, and business stakeholders); ensure timely escalation and handoffs. Lead containment and remediation actions (e.g., isolate endpoints, disable accounts, block indicators, reset credentials) and track actions through to closure with clear timelines and ownership. Drive post-incident reviews (lessons learned) and implement corrective actions to reduce recurrence, improve detection logic, and strengthen controls. Maintain awareness of the current threat landscape and translate threat intelligence into actionable detections, hardening recommendations, and user guidance. Support governance and assurance activities including policy/standard reviews, control evidence collection, and third-party risk and audit activities (e.g., ISO 27001, NIST, CIS). Create and tune detection content (queries, correlation rules, and indicators) to improve signal quality and reduce false positives in security monitoring tools. Perform basic malware triage and forensic collection as needed (e.g., preserve evidence, analyze artifacts, support deeper analysis by internal teams or vendors). Engage end users during investigations (e.g., phishing reports, suspicious activity) with clear guidance and empathy; contribute to security awareness initiatives (phishing education, safe computing practices) and incorporate user feedback to improve processes. Qualifications Education and Experience: BS degree in Computer Science, Engineering or Information Technology or equivalent. 3-5 years of experience in a cybersecurity/SOC/IT security operations role with exposure to incident triage, investigation, and coordinated response. Working knowledge of security frameworks and control concepts (ISO 27001/27002, NIST 800-53/171, CIS Controls) and how they translate into operational controls. Experience with common security tooling is preferred (SIEM, EDR, vulnerability scanning, email security, identity platforms; SOAR a plus). Certifications such as Security+, GCIH, GCIA, CEH, SSCP, or equivalent are preferred. Strong written and verbal communication skills; able to explain risk and response steps to end users and stakeholders, produce incident documentation, and present post-incident findings. Must be able to travel as needed, sometimes as much as 30%.