Cyber Security Analyst UltraViolet Cyber is seeking a Cyber Security Analyst to add to our existing team. Primary responsibilities will require: (i) in-depth analysis of intrusions in diverse computing environments; (ii) thorough packet analyses; (iii) implementing/optimizing changes to security infrastructure; (iv) integrating threat intelligence into the operational environment; and (v) protecting systems and infrastructure from infiltration or exfiltration of data. Responsibilities: Perform analyses of network infrastructure, applications, operating systems, firewalls, proxy devices and malware detection in a fast-paced environment Proactively identify threats across a wide range of customer environments Monitor alerts using a SIEM platform to respond, triage and escalate incidents, as necessary Perform vulnerability scans, analyze results and recommend remediation actions Perform continuous monitoring of diverse security environments and analyze event log data to determine severity and prioritization of incident response efforts Contribute to the advancement of security posture Minimum Requirements: 2 years of operational experience with securing and monitoring multiple platforms, network configurations and implementations Broad knowledge of IT security General systems infrastructure experience Experience with log correlation and packet analysis tools Solid understanding of common enterprise information systems services such as Active Directory Solid understanding of TCP/IP protocol suite, security architecture and security techniques/products Experience with various security management tools (e.g., vulnerability management, configuration management and SIEM) Proven ability to analyze captured data to perform incident response and identify potential compromises Excellent written and oral communication skills Preferred Education and Certifications: B.A or B.S in computer science or related field CompTia Sec+ CompTia CySa+

Essential duties & responsibilities: Analyze and recommend improvements to network, system, and application architectures to enhance security. Research, design, and implement cybersecurity solutions that protect the organization s systems and products. Collaborate with DevOps, Platform Engineering and Architecture teams to ensure security is embedded in the design and development of applications and systems. Actively participate in the change management process ensuring security considerations are prioritized in system upgrades and modifications. Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments. Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies. Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents. Assess and review emerging technologies to identify potential security risks and implement mitigation strategies. Design and deploy innovative security technologies to address evolving security challenges. Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture. Work closely with security architects to develop and deploy security solutions that address cloud-specific risks. Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives. Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses. Qualification & Experience: Hands-on experience with implementing security controls, including Database security, Web content filtering, Anomaly detection & response, Vulnerability scanning & management Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling. Expertise in at least one of the following security domains: Network security (e.g., IDS/IPS, firewall hardening) , Cloud-native security (e.g., IAM, security groups, encryption), Endpoint security (e.g., EDR/XDR, mobile security) , Application security (e.g., SAST, DAST, API security) Strong familiarity with industry security frameworks and regulations, including: NIST Cybersecurity Framework (CSF), CIS Controls, HIPAA, GDPR compliance Ability to assess compliance requirements and implement security controls to ensure adherence. Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies. Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders. Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team

Job Description: The ideal candidate will be responsible for managing and securing endpoints using CyberArk EPM and CrowdStrike Falcon. They will play a pivotal role in minimizing risks, improving security posture, and ensuring compliance with organizational policies and industry standards. Technical Skills (Necessary) Preferred: CyberArk Defender, CrowdStrike Certified Falcon Administrator (CCFA). Programming/Scripting: Proficiency in Python, PowerShell, or Bash for security task automation. Experience with Security Technologies: Hands-on with EDR, DLP, IDS/IPS, WAF, AV, and SIEM tools. SSL certificate management for installation, renewal, and troubleshooting. Key Responsibilities: CyberArk EPM Management: Configure and manage endpoint privilege policies to enforce least privilege. Monitor and respond to privilege escalation activities. Implement application control policies for endpoint security. CrowdStrike Falcon Management: Monitor endpoint activities and respond to alerts generated by CrowdStrike Falcon. Investigate incidents using CrowdStrike tools and conduct threat hunting. Implement and optimize detection and prevention policies in Falcon. Endpoint Security and Compliance: Collaborate with IT teams to ensure secure endpoint configurations. Ensure compliance with security standards and regulations. SSL Certificate Management: Manage the lifecycle of SSL certificates, including installation, renewal, and troubleshooting. Ensure proper encryption standards are maintained. Continuous Improvement: Stay updated on emerging threats and vulnerabilities related to endpoint security. Enhance policies and procedures for endpoint protection. Documentation and Reporting: Maintain comprehensive documentation of configurations, incidents, and resolutions. Provide regular reports on endpoint security metrics and compliance status.

Job Description Position: Security Analyst - L1 Department: Security Operations Center Job Summary We are seeking a proactive and detail-oriented Level 1 SOC Analyst to join our Security Operations Center team. As the first line of defense, the Level 1 SOC Analyst is responsible for monitoring, detecting, and triaging security events and incidents. The role plays a critical part in ensuring the organization s security posture by providing real-time analysis and initial incident response support. Key Responsibilities Monitor security alerts and events from SIEM (Security Information and Event Management) and other monitoring tools. Identify and triage potential security incidents based on established procedures and playbooks. Analyze suspicious activities related to endpoint, network, and user behavior. Create and escalate incident tickets to Level 2 analysts or the Incident Response team when appropriate. Document findings and actions taken in ticketing and case management systems. Assist in the continuous improvement of SOC processes and detection capabilities. Maintain awareness of current threat trends and indicators of compromise (IOCs). Support threat intelligence gathering by tagging and categorizing incidents. Required Skills & Qualifications Bachelor s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience). Basic understanding of: Networking fundamentals (TCP/IP, DNS, firewalls, etc.) Operating systems (Windows, Linux) Cybersecurity concepts (threat types, vulnerabilities, malware, etc.) Familiarity with security tools such as: SIEM platforms (e.g., Microsoft Sentinel, QRadar) Strong analytical and problem-solving skills. Good written and verbal communication skills. Willingness to work in rotational shifts, including nights, weekends, and holidays. Preferred Qualifications Internship or hands-on experience in a SOC or security role. Basic certifications such as: CompTIA Security+ Certified SOC Analyst (CSA) Microsoft SC-200 Familiarity with incident response frameworks and playbooks. Soft Skills Quick learner and ability to adapt in a fast-paced environment. Strong team player with a collaborative mindset. Attention to detail and ability to handle repetitive tasks with consistency.

We are seeking a talented and highly motivated Microsoft Sentinel SIEM Engineer to join our Dedicated Defense group. As a key member of our team, you will be responsible for deploying and maintaining Microsoft Security technologies to enhance threat detection, response, and overall security posture. This is an exciting opportunity for an individual with expertise in major SIEM technologies, aiming to help safeguard critical systems and data from evolving cyber threats. Responsibilities: Architect, deploy, and maintain Microsoft Sentinel for SIEM use cases including log ingestion, data normalization, and incident correlation. Manage and optimize Microsoft Defender for Endpoint, Identity, Cloud, Office 365, and other Defender tools to maximize protection and visibility. Develop custom queries,detection rules, workbooks, and automation playbooks to improve threat detection and response efficiency. Lead the design and implementation of security monitoring, including data connectors, analytics rules, and incident automation. Collaborate with threat analysts and incident response teams to triage, investigate, and respond to security alerts and incidents. Provide technical guidance in security best practices, incident response procedures, and threat hunting using Microsoft security tools. Continuously assess the security landscape and recommend improvements to policies, tools, and configurations. In addition to strong technical acumen, the ideal candidate will bring excellent communication and client-facing skills to collaborate directly with customers, understand their security needs, and deliver tailored solutions that align with their risk posture and compliance requirements. Outcomes: Integration & Optimization: Integrate and optimize Microsoft Sentinel to improve visibility and automate threat detection workflows Threat Detection: Utilize Microsoft Sentinel AI-powered analytics to dashboard reports and automate critical reporting functions Automation & Playbook Development: Develop automated detection and response playbooks based on Microsoft data feeds, streamlining incident management and reducing time to resolution. Collaboration & Knowledge Sharing: Work closely with other security and IT teams to share threat intelligence, optimize SIEM use, and contribute to security strategy development. Reporting & Documentation: Develop and maintain dashboards, reports, and documentation related to Microsoft Sentinel deployment, performance, and incident metrics. Continuous Improvement: Continuously evaluate Microsoft Sentinel capabilities and other relevant security tools to recommend improvements and refine detection capabilities. Required Qualifications: 5 years of SIEM experience in Splunk, Qradar, Microsoft, and comparable SIEMS Hands-on experience with other SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel, etc.) and integrating them with endpoint security tools. Strong understanding of cybersecurity principles, threat detection, and SIEM management. Experience working with Sentinel One Core EDR technology Proficiency in scripting and automation (Python, PowerShell, etc.). Experience with cloud security (AWS, Azure, GCP) and cloud-native SIEM solutions is a plus. Bachelor s degree in computer science, Information Security, or a related field (or equivalent experience). Preferred Qualifications: 5 years of experience in cybersecurity in a SOC or security engineering capacity. Proven hands-on expertise with Microsoft Sentinel and Microsoft Defender suite. Deep knowledge of Kusto Query Language (KQL) and building custom analytics rules and workbooks in Sentinel. Strong experience in customer-facing roles. Experience with incident response, threat detection, and threat hunting techniques. Strong understanding of cloud security, especially in Azure environments. Familiarity with MITRE ATT&CK, NIST, and other security frameworks. Experience integrating Sentinel with third-party solutions (e.g., threat intel feeds, ticketing systems).

Experience: 0-1 Years Provide first-level technical support for network-related issues Troubleshoot and resolve basic network issues, ensuring timely resolution. Assist with IP addressing tasks and basic IP understanding. Collaborate with senior engineers to escalate complex issues and follow up until resolution. Ensure effective communication and coordination with customers and internal stakeholders. Document and maintain accurate records of customer interactions and technical solutions. Stay up-to-date with industry trends and technologies related to network support. CCNA certification is preferred but not mandatory.

We are looking for a hands-on and motivated OT Security Analyst with around 3 years of experience in securing Operational Technology (OT) and Industrial Control Systems (ICS) environments. This role will support the implementation and improvement of our manufacturing security program. You will play a key part in shaping OT security strategies, supporting the deployment of security controls, and collaborating with cross-functional teams to strengthen our OT security posture. Key Responsibilities: Implement and support security controls for PLCs, HMIs, SCADA systems, RTUs , and other OT assets. Perform risk assessments , define segmentation strategies , and contribute to OT security baselines . Work with OT security tools such as Claroty, Nozomi, Armis, or Tenable.ot to monitor and protect industrial networks. Collaborate with plant operations, engineering, and OT vendors for secure implementation and lifecycle support. Assist in SIEM log integration , alert triage, and incident investigation related to OT systems. Support network segmentation , firewall configuration , and passive traffic monitoring within OT environments. Participate in the creation of documentation, playbooks, and process improvements for OT security operations. Required Skills & Qualifications: 3+ years of experience in OT/ICS cybersecurity or related roles. Strong understanding of ICS protocols like Modbus, DNP3, OPC , etc. Experience with industrial devices and systems (PLCs, SCADA, RTUs, robotic automation). Familiarity with OT-specific risks and the unique constraints of industrial environments. Exposure to OT security tools (e.g.,Claroty, Nozomi, Armis, Tenable.ot ). Working knowledge of SIEM tools , firewalls , and network segmentation in OT setups. Good communication skills and the ability to work with multi-disciplinary teams. Preferred (Nice to Have): Certifications like GICSP, GRID, IEC 62443 or other OT security credentials. Familiarity with NIST CSF , IEC 62443 , or related cybersecurity frameworks. Experience working in manufacturing or industrial sectors .

Develop, test, and maintain detection rules and logic across SIEM, EDR, and other security platforms. Identify and implement detection use cases based on emerging threats and TTPs, leveraging the MITRE ATT&CK framework. Analyze security data to identify trends, anomalies and potential threats. Collaborate with incident response teams to validate and refine detection mechanisms. Optimize detection rules to reduce false positives while ensuring accurate threat identification. Perform threat hunting and contribute to adversary emulation exercises. Integrate threat intelligence into detection workflows to stay ahead of emerging threats. Document and maintain playbooks, detection logic, and response procedures. Work closely with stakeholders to align detection strategies with business objectives. Key Competencies: Strong analytical and problem-solving skills. Effective communication and documentation abilities. Ability to collaborate in a team-oriented environment.