Security Analyst

The Senior Analyst, Security role is responsible for advancing client security posture through proactive security engineering, continuous improvement of detection capabilities, and strategic alignment of security tooling and standards. This role drives optimization of high-fidelity monitoring practices, strengthening configurations, and producing actionable security insights—focusing on preventing threats, reducing organizational risk, and driving measurable security outcomes across client environments.

This role uses the NIST Cybersecurity Framework (CSF) 2.0 as an outcomes-oriented lens to help organize, prioritize, and communicate security strategy and execution (e.g., Govern/Identify/Protect/Detect/Respond/Recover), while influencing consistency and maturity across implementations.

Responsibilities:

• Operate and maintain proactive security capabilities across client environments, including monitoring, validation of security signals, and continuous improvement of configurations and detections.
• Conduct Security-as-a-Service operations, including reporting on security posture and security tool health/status.
• Improve detection quality by tuning correlation logic, dashboards, and alert thresholds to reduce noise and increase actionable outcomes.
• Perform advanced Windows and Microsoft 365 log analysis to identify suspicious patterns, misconfigurations, and early indicators of compromise, and translate findings into remediation actions.
• Advance hardening and baseline-aligned security implementations across endpoints, servers, identity, and cloud configurations.
• Support end-user risk reduction initiatives through security awareness training and phishing simulation platforms, including Huntress SAT and Breach Secure Now (where applicable).
• Ensure alignment of security tooling and operational practices to vertical requirements and ensure deployments match the applicable service model.
• Contribute to the evaluation of new security solutions for viability as service offerings, including feature comparison, operational fit, and standardization.
• Support internal AI and automation initiatives, including defining requirements, validating outputs, and scaling repeatable workflows.
• Act as a senior technical resource and escalation point, collaborating with cross-functional teams to coordinate deployments, resolve complex issues and improve/standardize processes.
• Provide clear, consultative client communication regarding security posture, risk exposure, and prioritized recommendations.
• Conduct compliance-related discussions and evidence narratives where needed (CMMC 2.0 context, SOC report awareness).
• Other related duties, as assigned.

Knowledge, Skills, and Abilities:

• Professionalism and strong written communication skills, with the ability to explain complex security concepts to varied audiences.
• Strong time management and organization; detail oriented.
• Ability to work independently, prioritize effectively, and be a self-motivator in a fast-paced MSP environment.
• Strong collaboration and stakeholder engagement skills, with the ability to influence decisions through expertise.
• Security Operations Tooling: Advanced hands-on experience with SIEM (log onboarding, normalization, correlation, alert tuning, dashboards) and EDR/XDR operations, supporting SOC workflows with knowledge of automation (playbooks, enrichment, repeatable workflows).
• Firewall Hardening, Switching, and Routing: Strong TCP/IP fundamentals with experience in network segmentation, switching/routing best practices, firewall hardening, secure configurations (rulesets, least privilege, logging), VLANs, port controls, and VPNs (IPSec/SSL).
• Email Filtering and DNS Filtering: Extensive experience supporting Email Threat Protection and Mimecast (preferred), along with DNS/Web filtering programs (policy management, rollout, troubleshooting).
• Identity, Access Management (IAM), Intune, and MFA: Advanced knowledge of IAM practices (governance, conditional access, privileged access), Intune-based endpoint management, and Duo MFA deployment/support.
• Endpoint Security: Advanced experience with SentinelOne and Huntress for endpoint protection, including deployment, operations, and integration into security workflows.
• Security Awareness Training: Experience with phishing simulation and awareness platforms (e.g., Huntress SAT) and familiarity with Breach Secure Now for compliance-aligned training.
• OS, Logging, and Automation: Strong Windows security logging/analysis skills with scripting/automation capability (PowerShell preferred; Python a plus) and support for AI-driven operational improvements.
• Vulnerability and Hardening: Ability to interpret complex vulnerability assessments and translate findings into actionable hardening and control improvements.
• Compliance Knowledge: Familiarity with CMMC 2.0 and SOC 1/2 concepts, with the ability to communicate security outcomes using frameworks like NIST CSF 2.0.

Requirements

Experience:

• Minimum: 7+ years experience working for a Managed Service Provider (MSP).
• Preferred: 10+ years of experience in information security, systems integration, or system administration (MSP environment strongly preferred).

Certificates, Licenses, Registrations:

• CISSP (highly preferred)
• Microsoft Certified: Azure Security Engineer Associate (AZ-500) (preferred)
• Microsoft Certified: Security Operations Analyst Associate (SC-200) (preferred)
• Microsoft Certified: Identity and Access Administrator Associate (SC-300) (preferred)
• Microsoft 365 security-focused certification (preferred)
• AWS Certified Security – Specialty (preferred) or equivalent AWS security credential