Title: Senior Cyber Security Analyst

Location: Phoenix, Virginia (Hybrid)

Job Type: Contract-to-hire/Direct hire

Department: Information Security

We are seeking a highly motivated Senior Cyber Security Analyst to join our growing information security team that has experience focusing on the data, threat, and SOP portion of Cyber Security. In this role, you will be responsible for identifying, analyzing, and responding to cybersecurity threats across the organization. The ideal candidate has strong analytical skills, a proactive mindset, and a passion for defending digital assets in an ever-evolving threat landscape.

Responsibilities:

• Monitor, analyze, and respond to cybersecurity incidents, threats, and vulnerabilities to ensure organizational resilience.
• Lead security assessments, audits, and penetration tests to proactively identify and remediate vulnerabilities.
• Develop, implement, and maintain cybersecurity policies, procedures, and best practices in alignment with industry standards (e.g., NIST, ISO 27001, GDPR, SOC 2).
• Conduct security awareness initiatives and training programs—including phishing simulations and Cybersecurity Awareness Month activities—to foster a security-conscious culture.
• Administer, tune, and optimize security tools and platforms, including SIEM, IDS/IPS, EDR, vulnerability scanners, and cloud security solutions.
• Design and implement security measures for AI systems, including secure AI development practices, threat modeling, and defense against adversarial attacks.
• Provide guidance on secure coding practices (DevSecOps) and collaborate closely with development, DevOps, and AI teams to embed security throughout the technology lifecycle.
• Serve as a technical security expert, offering advice and support to IT and business units.
• Stay informed on emerging cyber threats, attack vectors, and best practices, proactively recommending strategies to strengthen security posture.

Required Skills:

• Bachelor's degree in cybersecurity, computer science, or a related field (or equivalent work experience).
• A minimum of 5 years of experience in a core cybersecurity domain, IT infrastructure, or related field.
• Cybersecurity certifications are a plus (e.g., CEH, CISM, CompTIA Security+, CISSP, GSEC).
• In-depth knowledge of IT infrastructure, including cloud platforms, operating systems (desktop and server), and networking components (routers, switches, firewalls, wireless access points).
• Hands-on experience securing Azure environments; experience with multi-cloud environments is a plus.
• Proficiency in scripting languages such as PowerShell and API integrations.
• Practical experience with security tools such as CrowdStrike, Microsoft Defender Suite, Stellar AI XDR, Microsoft Sentinel, and Nessus Professional.
• Strong understanding of risk and vulnerability management, including attack surface reduction techniques.
• Working knowledge of technologies such as CASB, ZTNA, SASE, and VPN.
• Familiarity with AI security practices, including secure data handling, model protection, and adversarial machine learning risks.
• Knowledge of static code analysis tools like SonarCloud is a plus.
• Strong communication, collaboration, and problem-solving abilities.
• Ability to manage multiple projects independently while maintaining a security-first, customer-focused approach.