CyberMaxx prevents, detects, and responds to cyberattacks so organizations can have peace of mind.
Cybersecurity Analyst
Location
Maryland
Posted
14 hours ago
Salary
$70K - $80K / year
Seniority
Senior
Job Description
Cybersecurity Analyst
CyberMaxx
• Formalize and deliver security product tuning requests to improve detection capabilities and overall efficiency • Develop and maintain incident response use incidents, knowledge base articles, and other relevant documentation • Coordinate basic forensics activities as needed • Conduct after action reviews on high impact and otherwise noteworthy incidents to identify process and human capital improvements • Aid in onboarding and mentoring new team members • Drive and Implement continuous improvement, open communication, and sharing of knowledge • Assist with creation, review, and upkeep of internal documentation • Facilitate reasonable out-of-hours communications such as company email and occasional SOC operations related phone calls to resolve escalated issues • Actively influence team collaboration, cross-training, and documentation • Act as a primary subject matter expert for one or more security products • Act as initial escalation point for complicated or sensitive work • Identify and resolve opportunities to automate repetitive tasks • Proactively propose improvements for how to reduce risk and potential future incidents • Maintain high-level of expertise with products in use and the ability to quickly familiarize with related technologies
Job Requirements
- Bachelor’s degree in related field and/or equivalent work experience
- Certified in one or more intermediate level security certifications
- 3 years experience performing similar duties
- Ability to work all schedules in a 24/7 SOC Environment
- Demonstrated experience with the security industry including an understanding of best practices, risk mitigation, and compliance frameworks
- Able to function effectively in high stakes and high stress situations
- Legally capable of working in the US or EU or APAC regions as designated
- Passionate about cybersecurity and self-driven to continue to learn/develop relevant skillsets as well as maintain industry specific certifications
- Ability to quickly find answers to questions referencing manuals and/or Internet resources
- Fluent in English in both writing and speech.
Benefits
- Flexible Paid Time Off
- 401k with a company match
- Medical, Dental and Vision Coverage
- Voluntary Short Term and Long Term Disability
- Employee Assistance Program with Mental Health Supplement
- Voluntary Basic, Accidental, and other ancillary life insurance
- Health Savings Account Contribution (with selection of a HDHP)
- 10 annual, paid holidays
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Information Security Analyst I
SNHU CareersAt SNHU, we do life-changing work — and not just for our students. Find out how your life can change, too.
• Respond and perform analysis on security alerts and incidents. • Support technical investigations of complex or high-severity security threats or incidents. • Coordinate information security incident response with SNHU's Information Security Incident Response Plan. • Support the incident response lifecycle and have the analytical mindset needed when it comes to escalated investigations and investigations into novel security incidents. • Participate in incident containment and eradication activities like endpoint isolation, malware remediation, forensic analysis, malware analysis, community member interviews, and network traffic analysis. • Work cross-functionally across ITS and all SNHU teams to provide support, guidance, and technical implementations where appropriate, to include triage, containment, and remediation when applicable. • Analyze digital evidence to identify indicators of compromise, adversary activity, root cause, incident timelines, and attack vector(s). • Conduct real-time monitoring of security events from multiple sources and use analytical and critical thinking skills to identify, triage, analyze, investigate, and escalate information security events and alerts. • Help perform investigations in complex or high-severity security threats or incidents. • Communicate with partners, in a non-technical manner, at all organizational levels as part of incident response and remediation activities. • Review and help implement standard operational processes for handling common incident types. • Demonstrate a deep source of ethics, integrity, and confidentiality. • Can remain calm and function at the highest level during a crisis.
• Monitor, and investigate security alerts and events across enterprise environments • Perform proactive threat hunting activities to identify malicious behavior and vulnerabilities • Support incident response efforts including assessment, containment, investigation, and remediation • Use Splunk SIEM for log analysis, correlation, detection, and monitoring • Work with EDR technologies including Cisco AMP, CrowdStrike, and Trend Micro, Microsoft Defender • Help with vulnerability management activities and exposure analysis • Coordinate with third-party patch management providers to validate remediation efforts • Investigate suspicious activity, malware infections, phishing attempts, and endpoint threats • Document incidents, findings, and remediation recommendations • Collaborate with IT, infrastructure, and security teams across multiple regions • Help improve detection logic, monitoring processes, and security operational
Threat Intelligence Analyst – Senior
FS-ISACThe only global cyber intelligence sharing community solely focused on financial services.
• Lead complex intelligence investigations involving cyber threat actors, ransomware operations, nation-state activity, vulnerabilities, and emerging threats • Collect, correlate, and analyze intelligence from technical and non-technical sources • Produce tactical, operational, and strategic intelligence assessments for members and stakeholders • Analyze adversary tactics, techniques, and procedures (TTPs) and map findings to frameworks such as MITRE ATT&CK • Assess the impact of cyber incidents, geopolitical developments, technology trends, and systemic risks affecting the financial sector • Author intelligence reports, threat assessments, alerts, white papers, and executive briefings • Present intelligence findings and risk recommendations to executives, members, and external partners • Translate technical intelligence into actionable business and risk-management insights • Lead information-sharing initiatives, intelligence exchanges, and member engagement activities • Build and maintain relationships with financial institutions, government agencies, law enforcement, and industry partners • Represent the organization at conferences, webinars, and industry forums • Leverages AI to enhance analysis, decision-making, productivity, and innovation • Maintains awareness of emerging AI technologies, threats, and risks • Contribute to intelligence strategy, collection priorities, and analytical standards • Identify opportunities to improve intelligence methodologies, workflows, automation, and reporting capabilities • Lead cross-functional projects and support organizational cyber resilience initiatives • Mentor Threat Intelligence Analyst I and II team members and provide analytical coaching and product reviews • Promote best practices in intelligence collection, analysis, reporting, and information sharing
Information Security, Governance Risk, and Compliance Analyst
MercuryBanking for startups: mercury.com
Role Description Security failures are rarely caused by a single technical mistake. More often, they stem from gaps in governance, risk management, operational discipline, and accountability. Strong GRC programs help prevent those failures by making security a business priority, not just a technical concern. Mercury is growing rapidly, and as we scale, we need to continue building resilience, strengthening governance, and improving the way we manage risk across the company. We have a strong foundation today, but the next phase of growth will require scalable programs, thoughtful controls, and cross functional partnerships that allow Mercury to move quickly without sacrificing security. We are looking for an Information Security GRC Analyst to help mature Mercury’s security, risk, and compliance programs. This is not a traditional compliance role focused only on audits and evidence collection. You will help build the systems, processes, and guardrails that support business continuity, customer trust, and long term resilience. In this role, you will: - Lead and support security risk assessments across products, systems, vendors, and business initiatives. - Partner with Engineering, Product, IT, Legal, Operations, and other teams to identify, evaluate, and mitigate risk. - Drive audit readiness and compliance initiatives across frameworks such as SOC 2, PCI DSS, NIST, CIS, and ISO 27001. - Conduct gap assessments against security and compliance frameworks, then build practical plans to close those gaps. - Design, implement, and mature scalable governance processes and security controls. - Help improve Mercury’s business continuity, resilience, and third party risk management programs. - Translate compliance and risk requirements into clear, actionable guidance for technical and non-technical stakeholders. - Identify opportunities to automate controls, evidence collection, and recurring GRC workflows. - Help ensure Mercury’s security program remains strong, efficient, and aligned with the speed of the business. Qualifications - Have experience scaling security, risk, compliance, or governance programs in a high growth SaaS, fintech, or cloud native environment. - Understand security frameworks such as SOC 2, PCI DSS, NIST, CIS, and ISO 27001, and can translate them into practical controls. - Bring strong ownership and project management skills, with a track record of driving cross functional initiatives from concept to completion. - Are comfortable creating structure from ambiguity and building programs or processes from scratch. - Take a risk based approach to decision making and can distinguish between theoretical risk and material business risk. - Communicate clearly with technical and non-technical stakeholders. - Have enough technical depth to partner effectively with engineers and evaluate security controls in cloud native environments. - Care about building security programs that enable the business rather than slow it down. Requirements - Tools and technologies you may work with: - AWS Config and AWS Audit Manager - GitHub - Vanta - GRC platforms and workflow tools - Cloud native security and compliance tooling Benefits - The total rewards package at Mercury includes base salary, equity, and benefits. - Our salary and equity ranges are highly competitive within the SaaS and fintech industry and are updated regularly using reliable compensation survey data. - New hire offers are made based on a candidate’s experience, expertise, geographic location, and internal pay equity relative to peers. - Our target new hire base salary ranges for this role are: - US employees in New York City, Los Angeles, Seattle, or the San Francisco Bay Area: $153,400 to $191,800 - US employees outside of New York City, Los Angeles, Seattle, or the San Francisco Bay Area: $138,100 to $172,600 - Canadian employees, any location: CAD 145,000 to CAD 181,300 Company Description Mercury is a fintech company, not an FDIC-insured bank. Banking services provided through Choice Financial Group and Column N.A., Members FDIC. Mercury values diversity & belonging and is proud to be an Equal Employment Opportunity employer. All individuals seeking employment at Mercury are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation, or any other legally protected characteristic. We are committed to providing reasonable accommodations throughout the recruitment process for applicants with disabilities or special needs. If you need assistance, or an accommodation, please let your recruiter know once you are contacted about a role.




