DraftKings is a sports-technology and media entertainment platform founded in 2012 to change the way consumers engage with their favorite athletes, teams, and sports. DraftKings of
Security Analyst I
Location: Bulgaria
Posted: 19 days ago
Salary: 0
Seniority: Mid Level
Job Description
- Triage and investigate security alerts across endpoints, identity systems, cloud environments, and production workloads.
- Support response efforts for a range of security investigations, including account compromise, endpoint activity, and suspicious behavior in cloud, CI/CD, or production systems.
- Collect and analyze relevant data (e.g., logs, system activity) to help scope incidents, identify impacted systems, and track activity across environments.
- Escalate higher-risk or unclear activity, and support senior team members in ongoing investigations.
- Execute containment or remediation actions as directed, and document findings clearly throughout the investigation lifecycle.
- Support vulnerability and posture management efforts by validating findings and helping track remediation activities.
Job Requirements
- At least 2 years of experience in cybersecurity, IT, or a related field.
- Experience working in a security operations, monitoring, or incident response environment.
- Familiarity with alert triage and working within structured processes.
- Basic understanding of identity and access concepts, endpoint and common attack patterns (e.g., phishing, credential misuse), and cloud or application environments.
- Strong analytical skills and attention to detail.
- Clear written and verbal communication skills.
- Ability to follow processes, collaborate with a team, and escalate when needed.
Benefits
- Health insurance
- Professional development opportunities
More Security Analyst Jobs
- Support 24/7 threat detection and incident response
- Conduct continuous monitoring, detection, response, and prevention
- Operate enterprise-wide detection and response capabilities leveraging SIEM, XRD, and Threat Intelligence platforms
- Enhance threat detection rules through scripting and platform configuration
- Enhance identity and access management platform’s security posture
- Operate Data Loss Prevention (DLP) platform
- Enhance endpoint, network, and cloud security posture
- Conduct employee security awareness training

- Perform penetration testing of company-owned applications, networks, and systems
- Perform web application and cloud discovery, enumeration, and exploitation
- Assist in red team operations and adversary emulation exercises
- Assess and communicate the operational risks of exploitation
- Create testing plans and methods to find and confirm vulnerabilities
- Scope and assess the time needed to complete operational testing tasks
- Modify and adapt public exploit code and tools to meet operational requirements
- Utilize and develop automation where possible to save time and gain efficiency
- Serve as a subject matter expert to the organization for offensive security topics
- Provide expertise to security operations, threat intelligence, and forensics, as needed
- Work independently and troubleshoot technical and business process-related issues
- Experience supporting a variety of different offensive engagements for a large enterprise
- Ability to present complex topics, simply, to varying levels of the organization.

- Monitor security events, alerts, dashboards, and operational queues within SIEM, IDS/IPS, and cloud security platforms
- Respond to operational tickets, incidents, and service requests within established SLA response timelines
- Ensure ticket updates, escalations, documentation, and resolution activities comply with contractual SLA requirements
- Perform initial triage and classification of cybersecurity and operational alerts
- Escalate incidents in accordance with operational severity classifications and response procedures
- Assist with incident investigation, event enrichment, and evidence collection activities
- Support ticket management, workflow tracking, and operational documentation within JIRA or equivalent ITSM platforms
- Monitor endpoint, network, cloud, and infrastructure telemetry for indicators of compromise or operational degradation
- Support vulnerability management activities, including Nessus scan review and remediation tracking
- Monitor and support security operations within AWS and Microsoft Azure cloud environments
- Support Appgate Secure Access and Zero Trust access monitoring activities
- Assist with Splunk dashboard monitoring, search analysis, correlation review, and alert validation
- Support operational reporting, metrics collection, SLA tracking, and audit readiness activities
- Maintain situational awareness across connected, degraded, and disconnected operational environments
- Follow established cybersecurity procedures, change control processes, escalation paths, and operational playbooks
- Participate in shift turnover briefings and operational status reporting
- Support coordination activities between NOC, CSOC, engineering, cloud operations, and field support personnel
- Maintain operational logs, incident records, and audit documentation

Role Description
Milestone Technologies is hiring for a Security Analyst to serve our growing business at a Fortune 500 enterprise client. This role is responsible for ensuring continuous infrastructure reliability for multiple revenue-generating services.
- Provide support through security operations incident management processes to protect and/or restore service operations as quickly as possible and minimize impact on customers.
Qualifications
- Minimum 3+ years of experience working in 24x7 enterprise operations, preferably security operations.
- Minimum 1+ years of experience working with SIEM, including running investigations (correlating events on different aspects such as source/destination addresses, usernames, and process names).
- Demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management.
- A sound understanding of TCP/IP and networking concepts.
- Understanding of network design principles with knowledge of the OSI model.
- Flexibility around being on-call or a scheduled rotation.
- Service-oriented approach to resolving customer escalations, incident handling, and response.
- Superior written communication skills.
- Strong deductive reasoning, critical thinking, problem-solving, and prioritization skills.
- Ability to rapidly find, assimilate and synthesize information correctly while under pressure.
Requirements
- IT-related degree or certification.
- Prior experience analyzing data and pulling service logs to investigate trends and identify errors.
- Network, Security, or Platform certification(s) (S+, N+, MCSP, CNA) is a plus.
- Strong experience with SIEM tools and security event processes.




