Job Description
As a Cybersecurity Analyst at Winsor Consulting Group, you will be responsible for monitoring and responding to cybersecurity alerts, investigating suspicious activity, and assisting with the operational management of security platforms across multiple client environments. This position serves as a critical escalation point for security-related events and operational security tasks.
The Cybersecurity Analyst will work closely with the Security and Compliance team, Service Operations team, and client stakeholders to identify, triage, and remediate security incidents while maintaining accurate documentation and communication throughout the process. This role requires strong troubleshooting skills, attention to detail, and the ability to remain organized in a fast-paced environment.
Job Duties:
- Monitor and respond to alerts generated from SIEM, EDR, MDR, firewall, email security, vulnerability management platforms, and other security tools.
- Investigate suspicious activity including phishing attempts, malware detections, endpoint alerts, and identity-related events.
- Perform initial remediation and containment actions following documented security procedures.
- Escalate advanced threats, major incidents, or complex investigations to senior security staff.
- Assist with operational management and health monitoring of cybersecurity platforms and toolsets.
- Review and track vulnerability findings and remediation activities.
- Assist with onboarding and deployment activities for security-related solutions and services.
- Maintain accurate documentation of incidents, findings, remediation steps, and operational changes.
- Participate in after-hours or on-call rotation responsibilities as required.
- Collaborate with Service Operations and Project teams during incident response or operational activities.
- Assist in providing professional communication and status updates to clients during security events or investigations.
- Contribute to the development and improvement of SOPs, documentation, and security operational processes.
Preferred Skills:
- Understanding of cybersecurity concepts including:
- Endpoint Detection & Response (EDR)
- SIEM and log analysis
- Multifactor authentication (MFA)
- DNS filtering
- Vulnerability management
- Phishing and malware analysis
- Identity and access management
- Familiarity with Microsoft 365 and Entra ID administration and security concepts.
- Experience working with cybersecurity platforms such as Huntress, SentinelOne, Microsoft Defender, ThreatLocker, CyberCNS/ConnectSecure, or similar tools.
- Strong troubleshooting, analytical, and organizational skills.
- Ability to prioritize and manage multiple incidents and operational tasks simultaneously.
- Strong verbal and written communication skills with a client-service mindset.
- Ability to follow documented procedures while exercising critical thinking when investigating incidents.
- Experience with ConnectWise Manage, ConnectWise Automate, or similar PSA/RMM platforms is a plus.
Experience:
- 2+ years of experience in IT support, cybersecurity, or SOC operations.
- Experience working in an MSP, MSSP, or Security Operations Center environment is a plus.
- Experience supporting Microsoft-based business environments preferred.
Education:
- High school diploma or equivalent required.
- Associate degree in Cybersecurity, Information Technology, Computer Science, or related field preferred.
- Relevant industry certifications such as SSCP, Security+, SC-200, SC-401, and AZ-500 are a plus.