Principal Security Analyst - Microsoft Sentinel /Chronicle

Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients' cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India.

About the Role:

The Managed Services Principal Security Analyst is a customer-facing role focused on delivering security solutions and exceptional client experiences. As a trusted advisor, the Principal Security Analyst is responsible for strategic advisory, advanced analysis, and custom security content for Cyderes' managed service customers. This role requires consistent representation of the Cyderes brand through effective collaboration and positive engagement with internal teams and clients.

Responsibilities:

• Own security outcomes for assigned customers, ensuring high-quality SOC deliverables and alignment with client expectations.
• Lead customer-facing calls to discuss incident investigations, provide strategic guidance, and offer recommendations for improving security posture.
• Perform advanced threat hunting and proactive investigations to detect, isolate, and mitigate malicious activities in customer environments.
• Act as a technical lead within the SOC, providing mentorship, guidance, and leadership to other Security Analysts.
• Oversee real-time monitoring and detection activities using SIEM, EDR, and other security tools, ensuring timely identification and escalation of threats.
• Collaborate with internal teams, such as Detection Engineering, to refine detection rules and enhance automation workflows to close gaps in customer security posture.
• Maintain and update security operations processes and incident response playbooks to ensure they remain current and effective.
• Provide training to Security Analysts on tools, processes, and emerging threats to enhance team capabilities.
• Lead post-incident reviews, identifying lessons learned, and sharing findings to improve operational effectiveness.
• Tailor detection and response strategies to meet the unique needs of individual customer environments.
• Stay informed of the evolving threat landscape to provide actionable insights and ensure a proactive approach to security operations.

Requirements:

Experience: Minimum 5+ years of professional experience in cybersecurity, with a strong background in security operations.

Security Information and Event Management (SIEM): Must have advanced knowledge and experience with SIEM platform, such as Microsoft Sentinel and/or Google SecOps (Chronicle). Must have strong experience reading and writing YARA and/or KQL.

System Administration Knowledge/Experience: Expertise securing and investigating security incidents on Windows, Unix/Linux, and MacOS environments.

Networking Proficiency: Advanced understanding of networking concepts, including the ability to analyze network artifacts and logs effectively.

Endpoint Detection and Response (EDR): Hands-on experience with EDR tools such as SentinelOne, CrowdStrike, Microsoft Defender, or equivalent platforms is preferred.

Technical Skills: Proficient in threat hunting, malware analysis, and leveraging security tools to investigate and mitigate threats.

Communication: Strong written and verbal communication skills, with the ability to create and present reports, dashboards, and strategic recommendations.

Certifications (Preferred): Industry-recognized certifications such as CISSP, GIAC, GCIH, GCFA, OSCP, or equivalent.