Sr. Cyber Security Analyst

As a Cybersecurity Analyst, you will be responsible for supporting and monitoring CannonDesign's cybersecurity operations. The Cybersecurity Analyst is a cybersecurity professional who monitors security alerts, investigates security incidents, conducts risk assessments, implements security controls, and contributes to the development of security policies & procedures. The ideal candidate has strong analytical skills, a proactive mindset, and a passion for defending digital assets in an ever-evolving threat landscape.

• Monitor, analyze and respond to security events, identify vulnerabilities, and develop strategies to address security incidents.
• Conduct vulnerability assessments, risk analysis, and security audits to identify weaknesses in systems and processes.
• Follow, prepare, design, and test security incident response procedures and playbooks.
• Develop, implement, and maintain cybersecurity policies, procedures, and best practices and ensure compliance industry standards (e.g., CMMC, NIST SP 800-53 & 171, SOC 2).
• Deploy, manage and maintain all security controls, systems and their corresponding or associated software, including endpoint security software, intrusion detection systems, cryptography systems, and privileged account management software.
• Participant in and/or lead the implementation of security controls, tools, and infrastructure to protect systems and data.
• Serve as a technical security expert, offering advice and support to IT and business units
• Stay informed on emerging cyber threats, attack vectors, and best practices, proactively recommending strategies to strengthen security posture.

• Bachelor's degree in cybersecurity, computer science, a related field or equivalent work experience.
• Minimum 8-10+ years' experience in Information Technology, with5+ years focused in cybersecurity.
• Cybersecurity certifications are a plus (CompTIA Security+, CEH, GSEC, CISM, CISSP).
• In-depth knowledge of IT infrastructure, including cloud platforms, operating systems (Windows & Linux/UNIX), and network components (routers, switches, firewalls, wireless access points).
• Experience working with Endpoint Protection Platforms, such as Microsoft Defender, SentinelOne Complete, etc.
• Experience working with enterprise identity and access management solutions.
• Experience on SSO (Single-Sign-On) technologies including SAML, federation of identities (IdP and SP), multi-factor authentication.
• Experience securing Azure and O365 environments; AWS is a plus.
• Experience working with enterprise SIEM platforms or Managed Detection and Response (MDR) services.
• Experience working with Zero Trust solutions.
• Experience with CMMC, NIST 800-171, and SOC 2 a plus.
• Working knowledge of Public Key Infrastructure, digital certificates and public-key encryption.
• Strong understanding of enterprise security architecture design, security concepts, principles, and technologies.
• Strong understanding of networking fundamentals and principals.
• Strong communication, collaboration, and problem-solving abilities.
• Ability to manage multiple projects independently while maintaining a security-first, customer-focused approach.