Direct-Cybersecurity Analyst – Security Monitoring & Incident Response(Remote)
0 views
Skip to first unread message
Roman CII Diversities
May 1, 2026, 10:10:36 AM (yesterday) May 1
to Comspark group Recruiter
Comspark Group a global, innovation-driven technology firm operating across the USA, India, Canada, Saudi Arabia, UAE, and Egypt, with over 18 years of leadership in resource outsourcing and specialized in advanced technologies currently seeking senior, qualified professionals for the following role with one of our direct clients.
Job Title: Cybersecurity Analyst – Security Monitoring & Incident Response(Remote)
Location: Columbia, South Carolina.
Contract: 12+ Months
Need State/public sector Experience
Daily Duties / Responsibilities:
• Continuously review and correlate security event data across SIEM, EDR, IDS/IPS, and threat intelligence sources to identify complex attack patterns, emerging threats, and security incidents.
• Perform deep-dive analysis of suspicious activity, validate incidents, determine root cause and impact, and escalate critical incidents with detailed context to Tier 3 as required.
• Create detailed incident reports, timelines, and post-incident summaries; contribute to lessons-learned documentation and recommendations for remediation and preventative measures.
• Investigate user-reported phishing, malware infections, and potential policy violations; advise users and internal/external teams on containment and recovery actions.
• Recommend updates to SOC playbooks and workflows based on real-world INVESTIGATIONS, fine-tune detection rules. Alert thresholds, and correlation logic to reduce false positives and improve threat coverage.
• Collaborate with engineering teams to ensure monitoring tools are properly configured and tuned. Integrate new threat intelligence feeds into workflows and proactively hunt for threats using up-to date tactics, techniques, and procedures (TTPs)
• Serve as a customer-facing SME, “selling” the value of DIS services by demonstrating capabilities and resolving issues.
• Document processes, runbooks, and troubleshooting steps related to SOC operations.
• Coordinate with engineering, SOC, and agency staff as needed to meet goals.
• Other duties as needed
• Continuously review and correlate security event data across SIEM, EDR, IDS/IPS, and threat intelligence sources to identify complex attack patterns, emerging threats, and security incidents.
• Perform deep-dive analysis of suspicious activity, validate incidents, determine root cause and impact, and escalate critical incidents with detailed context to Tier 3 as required.
• Create detailed incident reports, timelines, and post-incident summaries; contribute to lessons-learned documentation and recommendations for remediation and preventative measures.
• Investigate user-reported phishing, malware infections, and potential policy violations; advise users and internal/external teams on containment and recovery actions.
• Recommend updates to SOC playbooks and workflows based on real-world INVESTIGATIONS, fine-tune detection rules. Alert thresholds, and correlation logic to reduce false positives and improve threat coverage.
• Collaborate with engineering teams to ensure monitoring tools are properly configured and tuned. Integrate new threat intelligence feeds into workflows and proactively hunt for threats using up-to date tactics, techniques, and procedures (TTPs)
• Serve as a customer-facing SME, “selling” the value of DIS services by demonstrating capabilities and resolving issues.
• Document processes, runbooks, and troubleshooting steps related to SOC operations.
• Coordinate with engineering, SOC, and agency staff as needed to meet goals.
• Other duties as needed
Required Skills:
• 2+ Years of Experience with Security Monitoring and Incident Response.
• 2+ Years of Experience with MITRE ATT&CK framework.
• 2+ Years of Experience with dashboard creation and reporting.
• 2+ Years of Experience with MITRE ATT&CK framework.
• 2+ Years of Experience with dashboard creation and reporting.
Preferred Skills:
• Experience with the Palo Alto Cortex XSIAM/XDR platform.
• Knowledge of Linux, network administration and network design.
• Experience in administration of firewalls, VPN technology, Active Directory, Intrusion Detection/Prevention systems.
• Candidate is local to Columbia, SC or surrounding city in South Carolina
• Knowledge of Linux, network administration and network design.
• Experience in administration of firewalls, VPN technology, Active Directory, Intrusion Detection/Prevention systems.
• Candidate is local to Columbia, SC or surrounding city in South Carolina
*Celebrating 19th year Anniversary*
Thanks & Regards,ROMAN BOSE
Director-(Projects & Staffing)
ro...@ciidiversities.com
CII DIVERSITIES LLC(Subsidiary of Comspark group)
Minority Certified | ISO 9001-2008 Certified/ SAP/Dell boomi Partners
Outsourcing | Digital I Cyber| Development | ERP I Data/AII Staffing
www.ciidiversities.com
USA | INDIA | EGYPT|KSA|UAE I CANADA
Please check our latest Job postings:
https://www.facebook.com/groups/773523918748839
https://www.linkedin.com/groups/14916019/
Disclaimer: if you have received this email in error or wish to be removed, simply add “REMOVE” in subject line. The email id will be removed, Apologize for the inconvenience.
Reply all
Reply to author
Forward
0 new messages