Junior Cybersecurity Analyst - Charlotte, NC (Hybrid)
Optomi, in partnership with a multi-industry, global organization, is looking to add a junior Cybersecurity Analyst to its growing team! The Junior Cybersecurity Analyst will join an enterprise security team in a multi-functional role supporting Security Operations, Incident Response, Detection Engineering, and Security Automation initiatives. This role is designed to provide broad exposure across core cybersecurity disciplines while contributing to the day-to-day protection of the organization. The Junior Analyst will serve as a frontline defender, monitoring security systems, triaging alerts, and supporting investigations while developing skills in threat detection, automation, and engineering. This role is critical to building foundational cybersecurity talent and supporting a scalable, modern security operations program.
Key Responsibilities
Security Monitoring & SIEM Operations
- Monitor security alerts and logs across SIEM, EDR, and cloud platforms for suspicious activity.
- Perform initial alert triage, enrichment, and escalation based on severity and impact.
- Investigate anomalies and document findings in ticketing and case management systems.
- Support continuous improvement of alert quality and signal-to-noise ratio.
Incident Response Support
- Assist in the investigation and response to security incidents such as phishing, malware, and account compromise.
- Collect and analyze evidence, including logs, endpoint data, and network activity.
- Follow established incident response playbooks and escalation procedures.
- Document incidents, timelines, and outcomes for reporting and lessons learned.
Threat Detection & Engineering Support
- Assist in developing and tuning detection rules, alerts, and use cases within SIEM and EDR platforms.
- Support detection validation and testing efforts based on known attack techniques.
- Participate in basic threat hunting and log analysis to identify suspicious patterns.
- Help identify detection gaps and recommend improvements.
Automation & Tooling Support
- Assist in developing and maintaining automation scripts and workflows (e.g., SOAR, scripting).
- Support process automation for alert triage, enrichment, and response actions.
- Work with engineering teams to improve operational efficiency through tooling and integration.
Vulnerability & Security Operations Support
- Support vulnerability scanning, assessment, and remediation tracking.
- Assist with patching coordination and validation of remediation efforts.
- Help maintain security documentation, playbooks, and standard operating procedures.
Collaboration & Learning Development
- Work closely with senior analysts, engineers, and incident responders across multiple security functions.
- Participate in training, mentorship, and rotational assignments across security disciplines.
- Stay current on emerging threats, attacker techniques, and security technologies.
- Contribute to security awareness and knowledge sharing across the organization.
Qualifications
Required
- 0–2 years of experience in cybersecurity, IT, or a related technical field (internships, labs, or projects acceptable).
- Basic understanding of cybersecurity concepts, networking, and operating systems.
- Familiarity with security tools such as SIEM, EDR, IDS/IPS, or cloud security platforms.
- Strong analytical and problem-solving skills with attention to detail.
- Ability to follow structured processes and work in a fast-paced environment.
- Strong written and verbal communication skills.
Preferred
- Exposure to scripting or programming (Python, PowerShell, or similar).
- Familiarity with cloud environments (AWS, Azure, GCP).
- Understanding of MITRE ATT&CK or common attack techniques.
- Experience with labs, CTFs, or personal cybersecurity projects.
- Relevant certifications (e.g., Security+, Network+, or equivalent).