As a hands-on role, the Security Analyst is a member of Fortra’s Corporate Security Operations Center (SOC) team. The role is responsible for managing cybersecurity controls, triaging security alerts, analyzing threats, maintaining security operations while also handling IT Service Management (ITSM) responsibilities. This role focuses on monitoring, investigating, and responding to cyber threats across Fortra’s multi-platform infrastructure (Entra ID, AWS, Azure, Windows, Linux, network, etc.) to ensure the resilience and security of the organization. The ideal candidate will possess strong analytical skills, a keen eye for identifying and escalating threats to senior team members, and the ability to manage IT service workflows effectively.

WHAT YOU'LL DO

• Proactively monitor and analyze security events, assist in the detection and response to security incidents, and contribute to the overall security posture of the organization.
• Monitor security alerts and notifications from various security platforms and log sources, including SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR) tools to identify suspicious activity.
• Investigate security incidents from detection through resolution, ensuring thorough documentation and timely escalation.
• Conduct in-depth analysis of potential phishing emails, and malware activities to determine their relevance and potential impact on the organization and take corrective actions, or escalating incidents to the incident response team as necessary.
• Collaborate with other SOC members and stakeholders to improve threat detection, workflows, and incident response processes.
• Develop and maintain detailed documentation of security configurations, incidents and remediation activities.
• Work on improving monitoring and response capabilities in AWS and Azure environments.
• Collaborate with Cloud Operations and IT teams to ensure security measures are integrated into all aspects of the organization’s infrastructure.
• Continuously enhance knowledge by staying updated with the latest cybersecurity trends, threats, and remediation strategies.
• Other duties as assigned.

QUALIFICATIONS

• Bachelor’s degree in Cyber Security, Information Technology, or related field.
• 5+ years of cybersecurity experience.
• 3+ years of experience working in a SOC, or cybersecurity operations role.
• Relevant industry certifications such as CompTIA Security+, GIAC Security Essentials (GSEC), ISC2 Systems Security Certified Practitioner (SSCP), AWS Security Specialist, or Azure Security Engineer Associate.
• Knowledge of security frameworks such as MITRE ATT&CK, and NIST CSF are beneficial.
• Experience with security tools such as SIEM, IDS/IPS, endpoint detection and response (EDR), and vulnerability scanners.
• Solid understanding of IAM, networking, cloud technologies, Windows & Linux operating systems, and cybersecurity best practices.

Preferred Skills:

• Strong analytical and investigative skills, with the ability to think critically and problem-solve under pressure.
• Excellent communication skills, including the ability to convey technical information to non-technical audiences.
• Ability to work independently and collaboratively in a fast-paced environment.
• Programming / Scripting (Python, PowerShell, Bash) skills are a plus.

3347