About the Role

We're hiring a hands-on Security Analyst to own the day-to-day of our security program across endpoints, cloud, and identity. You'll monitor, investigate, and respond to threats while serving as the first point of contact for employees with security questions. This role has real ownership. You'll operate within established guidelines with appropriate oversight, but the day-to-day security operations are yours to run. We're looking for someone who takes that seriously, someone who can distinguish signal from noise, escalate when it counts, and handle their domain with consistency and care. We're a technical team that moves fast and expects its people to keep up. We want someone who is genuinely curious about how things work, stays current without being told to, and brings ideas rather than waiting for them.

What You'll Do

Daily & Weekly

• Monitor and triage Microsoft Defender alerts across endpoints, identity, and cloud
• Review Intune/MDM compliance dashboards, validate endpoint patch status, and follow up on non-compliant devices
• Monitor Azure Defender for Cloud, Azure Policy, and Entra ID for anomalous activity
• Handle front-line employee security questions and requests

Monthly

• Review access to protected systems and validate permissions remain appropriate
• Perform abuse screening per established runbook
• Execute web application security scans and document findings
• Verify Conditional Access policies are operating as configured and investigate any drift
• Review and adjust web filtering rules and endpoint traffic controls
• Prepare security metrics reports for leadership
• Surface process and tooling improvements to your manager

Quarterly

• Coordinate vulnerability scanning with our third-party security partner; triage results, brief Engineering on findings, and drive remediation to closure within SLA
• Support compliance evidence collection per compliance team direction

Annually

• Own coordination of our penetration test: scoping, scheduling, stakeholder liaison, and remediation tracking
• Support the annual audit evidence collection process

Required Qualifications

• 3–5 years in a hands-on security operations role across real enterprise environments
• Demonstrated experience across the Microsoft Defender suite: Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, and Defender for Cloud
• Working knowledge of Intune/MDM for endpoint compliance
• Experience with Azure security services: Azure Policy and Entra ID (Conditional Access, PIM, audit logs)
• Familiarity with GitHub Actions and/or Azure DevOps
• Experience supporting compliance programs - executing control tasks and contributing to evidence collection
• Strong collaborator - someone peers and stakeholders can rely on
• Genuinely curious - you follow threads, ask why, and don't stop at the surface

 Education
We prefer a Bachelor's degree in a technical field but will seriously consider candidates with an Associate's degree, relevant certifications, or equivalent hands-on experience. Military cybersecurity experience is highly valued.

Preferred Qualifications

• Microsoft certifications: SC-200, SC-300, AZ-500
• Experience with web application security scanning tools
• PowerShell or Python for log analysis and automation

Work Environment

You'll be the dedicated security analyst on an eight-person technical team, working closely with the compliance team, Engineering, IT, and our external security partners. Occasional availability outside business hours for security incidents is expected.