Job Description:
We are looking for a highly skilled Senior Analyst to join our Threat Management team. This role focuses on SOC operations, cybersecurity threat response, email and messaging security, Microsoft 365 and identity management, endpoint security, and operational support. The Senior Analyst will play a critical role in safeguarding our environment, mentoring junior analysts, and driving improvements in detection and prevention mechanisms.
Responsibilities:
Threat Management & SOC Operations
- Analyze and respond to cybersecurity threats and security incidents.
- Track incident detection, response, and closure timelines.
- Perform threat intelligence enrichment, correlation, and contextual analysis.
- Assist in developing mitigation strategies for emerging threats.
- Coordinate with Incident Response (IR) and Threat Detection teams during investigations.
- Monitor threat trends and recommend improvements to detection rule packs (“golden pack”).
- Conduct periodic policy reviews and recommend security hardening measures.
- Manage ad-hoc customer requests related to threat management.
- Update and manage aging incidents and requests.
Email Security & Messaging Security
- Manage Email Security Gateway solutions (Cisco ESA/SMA, Mimecast, Proofpoint, Microsoft Defender for Office 365).
- Configure anti-spam, anti-phishing, URL protection, and attachment protection policies.
- Manage quarantine, message tracing, SPF, DKIM, and DMARC configurations.
- Troubleshoot email flow issues and optimize security policies.
- Monitor and respond to email-related security incidents.
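As an added illustration of the SPF and DMARC review work listed above (this is example code written for this page, not SecurityHQ tooling), the following script evaluates a domain's published SPF and DMARC records and flags the weak settings an analyst would normally send back as hardening recommendations: `+all`/`?all`/`~all` qualifiers, records with no `all` mechanism, more than the ten DNS-lookup terms RFC 7208 permits, `p=none`, partial `pct`, relaxed subdomain policy and missing aggregate reporting. The domains and TXT answers are constructed in a dictionary that stands in for a real DNS resolver so the check runs offline; DKIM selector records are not covered because they cannot be enumerated without the selector names.

```python
import re

# Constructed sample DNS TXT answers for hypothetical domains; this dictionary
# stands in for a live resolver so the checks can run offline.
SAMPLE_TXT = {
    "example.test": [
        "v=spf1 include:_spf.example-mail.test ip4:203.0.113.0/24 ~all",
        "some-site-verification=abc123",  # unrelated TXT record, must be ignored
    ],
    "_dmarc.example.test": ["v=DMARC1; p=none; rua=mailto:dmarc@example.test"],
    "weak.test": ["v=spf1 +all"],
    "_dmarc.weak.test": [],
    "strict.test": ["v=spf1 ip4:198.51.100.10 -all"],
    "_dmarc.strict.test": [
        "v=DMARC1; p=reject; pct=100; rua=mailto:agg@strict.test; "
        "ruf=mailto:fo@strict.test; aspf=s; adkim=s"
    ],
}

# SPF mechanisms/modifiers that cost a DNS lookup (RFC 7208 section 4.6.4).
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def lookup_txt(name, zone=SAMPLE_TXT):
    """Return the TXT strings for a name from the constructed zone."""
    return zone.get(name, [])


def mechanism_name(term):
    """Strip the qualifier and any argument: '~include:x.test' -> 'include'."""
    return re.split(r"[:/=]", term.lstrip("+-~?").lower(), 1)[0]


def spf_findings(domain, zone=SAMPLE_TXT):
    """Return a list of weaknesses found in the domain's SPF record."""
    spf = [r for r in lookup_txt(domain, zone)
           if r.lower() == "v=spf1" or r.lower().startswith("v=spf1 ")]
    if not spf:
        return ["no SPF record"]
    if len(spf) > 1:
        return ["multiple SPF records (receivers treat this as permerror)"]
    terms = spf[0].split()[1:]
    findings = []
    all_terms = [t for t in terms if mechanism_name(t) == "all"]
    if not all_terms:
        findings.append("no 'all' mechanism: unlisted senders get a neutral result")
    else:
        qual = all_terms[-1][0] if all_terms[-1][0] in "+-~?" else "+"
        if qual == "+":
            findings.append("'+all' authorises every sender")
        elif qual == "?":
            findings.append("'?all' is neutral and provides no protection")
        elif qual == "~":
            findings.append("'~all' softfail; move to '-all' once all senders are listed")
    lookups = sum(1 for t in terms if mechanism_name(t) in LOOKUP_TERMS)
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms exceed the RFC 7208 limit of 10")
    return findings


def parse_dmarc(record):
    """Split 'v=DMARC1; p=reject; ...' into a lower-cased tag dictionary."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    return tags


def dmarc_findings(domain, zone=SAMPLE_TXT):
    """Return a list of weaknesses found in the domain's DMARC policy."""
    recs = [r for r in lookup_txt("_dmarc." + domain, zone)
            if r.upper().startswith("V=DMARC1")]
    if not recs:
        return ["no DMARC record"]
    if len(recs) > 1:
        return ["multiple DMARC records (receivers ignore the policy)"]
    tags = parse_dmarc(recs[0])
    findings = []
    policy = tags.get("p")
    if policy is None:
        findings.append("missing required 'p' tag")
    elif policy == "none":
        findings.append("p=none: monitoring only, no enforcement")
    elif policy == "quarantine":
        findings.append("p=quarantine: consider p=reject once reports are clean")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100 and policy in ("quarantine", "reject"):
        findings.append(f"pct={pct}: policy applied to only part of failing mail")
    if "rua" not in tags:
        findings.append("no rua: aggregate reports are not being collected")
    if policy != "none" and tags.get("sp", policy) == "none":
        findings.append("sp=none: subdomains are not enforced")
    return findings


def assess(domain, zone=SAMPLE_TXT):
    """Combine both checks for one domain."""
    return {"spf": spf_findings(domain, zone), "dmarc": dmarc_findings(domain, zone)}


if __name__ == "__main__":
    for name in ("example.test", "weak.test", "strict.test"):
        print(name, assess(name))
```

To run it against real domains, replace `lookup_txt` with a resolver call (for example `dnspython`'s `dns.resolver.resolve(name, "TXT")`) and keep the rest unchanged; the findings map directly onto the remediation items an analyst would raise with the domain owner.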
Microsoft 365 & Identity Management
- Administer Microsoft 365 services (Exchange Online, Teams, SharePoint, OneDrive).
- Manage user provisioning, licensing, mailboxes, and distribution groups.
- Support hybrid environments and tenant-level troubleshooting.
- Configure and manage Microsoft Entra ID (Azure AD) services:
  - Conditional Access, MFA, SSPR, Identity Protection, PIM
- Troubleshoot authentication and directory synchronization issues.
- Manage RBAC roles and administrative access controls.
Endpoint Security & Intune
- Administer Microsoft Intune for device and application management.
- Implement compliance policies, configuration profiles, and endpoint security policies.
- Manage application deployment and Windows Autopilot.
- Integrate Intune with Microsoft Defender and Conditional Access.
Operations & Team Support
- Utilize security tools (EDR/XDR, SIEM) for investigations and response actions.
- Provide guidance and support to junior analysts.
- Improve workflows and operational efficiency.
- Handle exclusion management for security policies and rules.
- Produce documentation and reports, and communicate with stakeholders.
About SecurityHQ:
SecurityHQ is a global cybersecurity company. Our specialist teams design, engineer and manage solutions that do three things: Promote clarity and trust in a complex world. Build momentum around improving security posture. And increase the value of cybersecurity investment within organizations. Free from limitations, and inclusive of all requirements, we focus on defending today, while mitigating the risks of tomorrow. And into the future. Our solutions are tailored to our customers and their unique context. Around the clock, 365 days per year, our customers are never alone.
SecurityHQ – We’re focused on engineering cybersecurity, by design.