
We are seeking a detail-oriented Cyber Security Analyst to operate and optimize our endpoint, secure web gateway/ZTNA, and email security stack, primarily SentinelOne, Zscaler (Internet Access/Private Access), and Proofpoint (Email Protection/Threat Response). The analyst will lead daily detection and response, investigate threats, tune policies, and develop playbooks to reduce risk, improve user experience, and ensure compliance across a hybrid cloud environment.
Key Responsibilities
Threat Detection & Response
Monitor, triage, and respond to alerts from SentinelOne, Zscaler, and Proofpoint; perform end-to-end investigations, containment, and remediation.
Execute EDR actions (isolate, rollback, kill/quarantine) and coordinate with IT for patching and eradication.
Analyze phishing, BEC, malware, and DLP events; drive rapid containment and user communication.
Platform Operations & Policy Tuning
Maintain and optimize SentinelOne policies (agent health, exclusions, behavioral AI tuning, rollback readiness).
Administer Zscaler ZIA/ZPA policies (URL filtering, SSL inspection, firewall controls, application segmentation, posture checks) and ensure least-privilege access under Zero Trust.
Configure Proofpoint inbound/outbound policies (spam/malware, impersonation, advanced threat, DLP); adjust rules to minimize false positives while preserving protection.
Hunting, Analytics & Automation
Conduct proactive threat hunting across EDR telemetry, web traffic, and email metadata.
Build detection logic and SOAR/SIEM integrations (e.g., playbooks for phishing triage, automated user notifications, case creation).
Create dashboards and metrics for security posture, MTTD/MTTR, false-positive rates, blocked threats, and policy efficacy.
Incident Management & Compliance
Own the incident lifecycle: identification, classification, response, root cause analysis, and post-incident reviews.
Produce investigation notes, timelines, and evidence; maintain runbooks and knowledge base articles.
Support audits and compliance efforts (e.g., ISO 27001 controls, SOC 2 requirements, GDPR data handling, vendor risk).
Collaboration & Enablement
Partner with Networking, Endpoint Engineering, IT Service Desk, and Business Units to drive secure solutions.
Deliver user education on phishing, safe browsing, and data handling; publish advisories and awareness content.
Coordinate with vendors (SentinelOne/Zscaler/Proofpoint) for escalations, bug fixes, and best-practice adoption.
Required Qualifications
Job ID: 136152759