Back to Job Search

Cybersecurity Analyst - Microsoft 365 Security & Compliance

Posted 21 days ago

This DFW-based leading employer has an immediate 3-4 month contract-to-hire opportunity in Arlington, TX for a Cybersecurity Analyst experienced with Microsoft 365 Security & Compliance Center.  Will temporarily be working remotely due to COVID-19 but must be able to work onsite up to 50% of the time in the future.  Must also be able to come onsite when needed to touch any equipment.  The purpose of this position is to ensure the security of applications, services, information, and network infrastructure across the enterprise. The person in this position will interact closely with internal customers, software developers, IT administrators and technicians, risk and compliance staff, and other key stakeholders to build and advance information and network security strategies and programs; and identify and remediate information security issues. The Cybersecurity Analyst will serve as an essential subject matter expert to all the functional groups and project teams, will analyze risks and perform testing and validation activities in support of IT change management processes or internal and external audits, and will support compliance requirements set by regulatory bodies or internal and external audits. This role will work to improve the ability of the organization to protect the confidentiality, availability, and integrity of its information assets.  Immediate projects will involve Microsoft Cloud Security Services, Vulnerability Management, and Firewalls.

Key Responsibilities:
  • Monitors, analyzes, and responds to alerts from security tools and services.
  • Performs cybersecurity incident detection, analysis, and response.
  • Performs security operations, administers security tools, analyzes trends, methodologies, and best practices for securing services, platforms, and operating systems at cloud, network, server, and endpoint levels.
  • Contributes to the design, development, and testing of hardware, software, and cloud-based systems to ensure they are protected against cyber threats.
  • Reviews existing system design and architecture and makes security-related recommendations.
  • Performs vulnerability scans of networks, applications, and endpoints to assess the effectiveness of patch management and application development processes.
  • Assists in responding to internal and external compliance audits, data requests, penetration tests, and vulnerability assessments.
  • Assists with multiple technology/information security projects simultaneously.
  • Maintains hardware and software tools used to support information and network security operations.
  • Assists in the development and implementation of information security policies, standards, guidelines, and procedures.
  • Monitors and analyzes threat intelligence feeds and industry news and events to keep abreast of current and emerging security trends, vulnerabilities, and threats.
  • Participates in change management and incident review as needed. Documents changes and actions in change management and ticketing systems.
  • Performs related work as assigned.
  • Bachelor’s degree from an accredited college or university in Computer Science, Information Systems, or related field. An equivalent combination of related education and experience may be substituted.
  • Experience with Microsoft 365 Security & Compliance Center and the Security tools in Microsoft 365.
  • 3 years of functional experience securing enterprise networks and information systems according to Industry frameworks, such as NIST 800-53, ISO 27000 Series, and COBIT.
  • Certification and Other Requirements: Valid state issued driver’s license. ISC2, ISACA, or GIAC certifications preferred. ITIL Foundation certification preferred.
  • Knowledgeable across a variety of security products including, but not limited to, firewalls, network and host-based intrusion detection (IDS) and intrusion prevention systems (IPS), security information event monitoring (SIEM) software, e-mail and Web security gateways, endpoint detection and response (EDR), and data loss prevention. Knowledge of regulatory compliance requirements for PCI-DSS, HIPAA, PII, etc.
  • Strongly prefer knowledge of Microsoft Cloud Security Services, Vulnerability Management, and Firewall.
  • Prefer knowledge/experience with for vulnerability management.