Perform a comprehensive cybersecurity risk assessment and deliver a prioritized remediation plan.
Design and implement the organization's overall security strategy and roadmap.
Establish security monitoring, incident response, and threat detection processes.
Lead and mature Microsoft 365 and Azure security posture (Defender, Entra ID, Sentinel, Purview).
Own SOC 1 and SOC 2 compliance readiness and audit preparation.
Define and enforce IAM policies, MFA standards, and Zero Trust principles.
Develop and maintain security policies, standards, and documentation.
Evaluate and manage third-party vendors and SaaS platform security risks.
Oversee vulnerability management: assessments, tracking, prioritization, and remediation coordination.
Lead incident response, including coordination with MSPs, infrastructure teams, and leadership.
Establish security awareness programs and build a security-conscious culture.
Manage and mentor the Cybersecurity Analyst, providing technical direction and growth opportunities.
Report cybersecurity risks and program status to senior leadership.
Evaluate and recommend security tools and technologies.

A Bachelor's degree in Information Technology, Computer Science, or a closely related field is required.
At least 4–5 years of hands-on experience in IT-related projects: with a track record of delivering results in technical or infrastructure-focused environments.
A minimum of 2–3 years in a dedicated security-focused role or actively leading security initiatives.
Must be using a Windows device.
Proven hands-on experience in Disaster Recovery Planning (DRP) and/or Business Continuity Planning (BCP).
Genuinely flexible and adaptable to possible shift changes as business needs evolve.
Stable, reliable internet connection
Professional and dedicated remote working setup.

Cybersecurity Analyst

Key skills