Security Analyst

at  Everseen

PROFILE AND SKILLS

• Microsoft Entra ID Expertise: Strong understanding of identity and access management concepts within Microsoft Entra ID (formerly Azure AD), including multifactor authentication (MFA), conditional access policies, and privilege management.
• Experience with Microsoft Sentinel: Proficiency in using Microsoft Sentinel for log analysis, threat detection, and responding to security events.
• Kusto Query Language (KQL): Strong proficiency in KQL for querying and analyzing data within Microsoft Sentinel or other tools in the Azure ecosystem.
• Networking Knowledge: Solid understanding of networking concepts such as TCP/IP, DNS, firewalls, VPNs, and how they relate to security monitoring and threat detection.
• Medium Linux Skills: Experience with Linux operating systems, including command-line proficiency, scripting, and the ability to monitor logs and secure systems.
• Experience with Security Tools: Experience using security monitoring tools such as Microsoft Sentinel, IDS/IPS, endpoint detection and response (EDR), and firewalls.
• Analytical Skills: Strong attention to detail and ability to analyze logs, network traffic, and security events for potential risks.
• Communication Skills: Excellent verbal and written communication skills for incident documentation, reports, and interaction with different teams.
• Team Player: Collaborative mindset, able to work with cross-functional teams to strengthen the organization’s security posture.

THE ROLE

We are seeking a motivated and detail-oriented Security Analyst to join our dynamic cybersecurity team as part of the Blue team. The ideal candidate will play a key role in monitoring, detecting, and responding to security threats and incidents. You will work to ensure the security of our systems by utilizing tools such as Microsoft Entra ID, Microsoft Sentinel, networking concepts, and basic Linux skills. This position requires a proactive attitude, strong problem-solving abilities, and a passion for securing enterprise environments.

WHAT YOU’LL DO

• Threat Monitoring and Detection: Continuously monitor security alerts, events, and potential threats using Microsoft Sentinel and other security systems.
• Incident Response: Respond to and investigate security incidents, providing mitigation strategies and remediation actions.
• Vulnerability Management: Assist in identifying vulnerabilities in systems, networks, and applications, and propose appropriate fixes.
• Microsoft Entra ID: Manage and monitor identity security within the Microsoft Entra ID ecosystem, including authentication mechanisms, identity lifecycle management, and access control.
• Network Security: Analyze and troubleshoot network traffic for anomalies, unauthorized access, and potential security breaches.
• Linux Systems Security: Perform security hardening and troubleshooting on Linux servers, monitoring logs for suspicious activities.
• Log Analysis with Microsoft Sentinel: Review and analyze logs from Microsoft Sentinel, firewalls, and IDS/IPS to identify potential threats or indicators of compromise.
• Collaboration: Work closely with other team members, including Red Team counterparts, to strengthen organizational security posture and contribute to security exercises.
• Documentation: Create and maintain detailed reports and incident documentation for post-incident reviews and compliance purposes.
• Continuous Improvement: Stay up-to-date with the latest security trends, technologies, and best practices.