Cybersecurity Analyst

SBLI, Woburn, Massachusetts, US, 01813

We are seeking an experienced and driven Cybersecurity Analyst to join our dynamic IT Security team. This role is designed for a security professional ready to take ownership of critical security platforms and play a key role in protecting our organization’s systems and data. As a member of our team, you will lead efforts across endpoint detection and response, vulnerability management, incident investigation, and risk reduction initiatives. This position requires strong hands-on experience with CrowdStrike and Rapid7, along with the ability to independently analyze threats, prioritize remediation, and continuously enhance our security posture.

Description

The Cybersecurity Analyst is a mid-level security professional responsible for the administration, optimization, and operational effectiveness of SBLI’s cybersecurity technologies, with primary ownership of CrowdStrike, Rapid7, and KnowBe4 platforms. This role requires hands-on configuration, investigation, tuning, reporting, and continuous improvement of security controls. The Analyst plays a key role in threat detection, vulnerability management, incident response, user awareness training, and security control validation, while also supporting broader cybersecurity governance initiatives including maintaining documentation and vendor risk management.

Responsibilities

Vulnerability & Patch Management: Own and manage the organization’s vulnerability and patch management programs, including oversight of scanning activities, risk-based prioritization of findings, and coordination of remediation efforts with IT stakeholders. Drive measurable reduction of exposure through continuous monitoring, patching, reporting, and validation of remediation activities.

Endpoint Detection & Response (EDR) Management: Lead administration and optimization of the organization’s Endpoint Detection and Response (EDR) platform. Monitor and investigate endpoint alerts, conduct proactive threat hunting, tune detection policies, and execute containment and remediation actions. Ensure comprehensive endpoint coverage, maintain sensor health, and continuously enhance detection capabilities to reduce risk and improve response effectiveness.

User Awareness Training: Lead the design, execution, and continuous improvement of the organization’s security awareness program. Develop targeted training content aligned to current threat trends, oversee phishing simulation campaigns, analyze user behavior and incident metrics, and implement data-driven enhancements to measurably reduce human risk across the organization.

Access & Identity Management: Assist in the management of user access rights and privileges across the organization’s systems and applications. This involves user provisioning, deprovisioning, access reviews, and enforcing access control policies to ensure appropriate levels of access.

Incident Response: Lead incident response activities by proactively monitoring and analyzing security events across endpoint and vulnerability management platforms, identifying and validating potential security incidents, and executing containment, eradication, and recovery actions. Conduct root cause analysis, coordinate remediation efforts with IT stakeholders, and continuously refine detection and response capabilities to strengthen overall security posture.

Security Audits and Assessments: Assist in conducting security audits and assessments to identify vulnerabilities and weaknesses in the organization’s infrastructure, systems, and applications. Collaborate with the team to develop remediation plans and assist in implementing security controls.

Vendor Management: Conduct comprehensive risk assessments of third-party vendors to ensure compliance with our security standards and policies. The role requires proactive engagement with vendors to evaluate their security practices, data handling protocols, and breach response plans. This includes continuously monitoring and reviewing vendor performance to mitigate any potential risks to the organization’s information security.

Security Documentation and Reporting: Lead the development, enhancement, and ongoing maintenance of security documentation, including policies, standards, procedures, and technical playbooks. Develop and deliver meaningful security metrics, dashboards, and key performance indicators (KPIs) to measure control effectiveness, vulnerability exposure, incident trends, and overall risk posture, while supporting audit and regulatory reporting requirements.

Stay Abreast of Cybersecurity Trends: Continuously enhance your knowledge and skills in the field of cybersecurity by staying up to date with the latest industry trends, best practices, and emerging threats. Actively participate in training programs, conferences, and certifications to broaden your expertise.

Qualifications

Bachelor’s degree in computer science, information security, or related field (preferred but not required).
Strong understanding of cybersecurity principles, concepts, and technologies.
Knowledge of access control and identity management practices.
Hands-on experience with the CrowdStrike and Rapid7 platforms.
Proficient in Microsoft 365 administration and security features, with strong working knowledge of Active Directory and Microsoft Entra ID (Azure Active Directory).
Experience leading or independently managing security investigations.
Solid understanding of security auditing, assessment methodologies and vulnerability management.
Strong analytical, documentation, and communication skills.
Strong attention to detail and ability to work independently as well as part of a team.
Relevant certifications such as Security+, CISSP, or CISM (preferred but not required).
3+ years of cybersecurity experience.
Ability to work in a hybrid office environment - required to work three days in Woburn, MA office including mandatory Wednesdays.

Skills

Familiarity or experience with the following technology solutions: Rapid7, CrowdStrike, KnowBe4, Automox, Pentera, Varonis, Mimecast, Netskope, IMPERVA, Checkpoint, AuditBoard.

If you are looking to advance your cybersecurity career in a collaborative, fast-paced, and mission-driven environment, we encourage you to apply. Join us in safeguarding our critical assets and strengthening the confidentiality, integrity, and availability of our information systems.

Local candidates only. No relocation or sponsorship available.