Hermeus is a high-speed aircraft manufacturer focused on the rapid design, build, and test of high-Mach and hypersonic aircraft for the national interest. Working directly with the Department of Defense, Hermeus delivers capabilities that will ensure that our nation, and our allies, maintain an asymmetric advantage over any and all potential adversaries. We are seeking a highly motivated and experienced Cybersecurity Analyst with a strong background in incident response, threat detection, and advanced security platform management, specifically leveraging Microsoft Defender and Microsoft Purview. The ideal candidate will be instrumental in defending our organization against sophisticated cyber threats, with a primary focus on mitigating malware and virus-related incidents. This role requires a blend of technical expertise, analytical skills, and a proactive approach to maintaining a robust security posture. Responsibilities:

Security Operations and Monitoring

Monitor security alerts, dashboards, and logs across the Microsoft Defender suite (Endpoint, Identity, Cloud Apps, etc.) and Microsoft Purview to detect potential security incidents.

Manage and optimize Microsoft Defender security policies, configurations, and deployment across the enterprise environment.

Utilize Microsoft Purview capabilities (e.g., Data Loss Prevention, eDiscovery) to enforce compliance policies and protect sensitive data.

Develop and maintain custom detection rules and alerts within the security platforms to address emerging threats.

Incident Response and Handling

Serve as a primary responder for security incidents, with a specific focus on malware, viruses, and other endpoint compromises.

Perform forensic analysis, containment, eradication, and recovery steps during active incidents.

Conduct root cause analysis for security incidents and implement necessary corrective and preventive measures.

Document all incident response activities, findings, and lessons learned to continuously improve the IR process.

Threat Management and Analysis

Analyze threat intelligence to identify potential risks and vulnerabilities relevant to the organization.

Proactively hunt for threats across the environment using tools like Microsoft Defender XDR.

Develop and implement strategies to defend against prevalent malware types (e.g., ransomware, spyware, trojans).

Stay current with the latest cybersecurity trends, attack techniques, and adversary tactics.

Security Enhancement and Reporting

Provide regular reports on the organization's security posture, incident metrics, and platform performance.

Collaborate with IT and other departments to implement security best practices and system hardening across the infrastructure.

Assist in the development and delivery of cybersecurity awareness training for employees.

Minimum Requirements:

Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent practical experience.

Minimum of 3-5 years of experience in a dedicated cybersecurity role (e.g., Security Analyst, Incident Responder, SOC Analyst).

Proven, in-depth hands-on experience managing, configuring, and utilizing the Microsoft Defender suite (Defender for Endpoint is critical) and Microsoft Purview (DLP, Information Protection).

Demonstrated experience in managing the full lifecycle of security incidents, from detection and analysis to containment, eradication, and recovery.

Strong understanding of current malware and virus infection vectors, persistence mechanisms, and remediation techniques.

Proficiency in security information and event management (SIEM) tools, vulnerability management, and endpoint detection and response (EDR) principles.

Preferred Skills & Experience:

Relevant certifications (e.g., CompTIA Security+, GIAC GCIH, Microsoft SC-200/SC-400).

Experience with scripting languages (e.g., PowerShell, Python) for automation and analysis.

Familiarity with cloud security principles, particularly within the Azure/Microsoft 365 ecosystem.

U.S. EXPORT CONTROL COMPLIANCE STATUS

The person hired will have access to information and items subject to U.S. export controls, and therefore, must either be a “U.S. person” as defined by 22 C.F.R. § 120.62 or otherwise eligible for deemed export licensing. US persons include U.S. citizens, U.S. nationals, lawful permanent residents (green card holders), and asylees and refugees with such status granted, not pending.

EQUAL OPPORTUNITY

Hermeus is an Equal Opportunity Employer. Employment decisions at Hermeus are based solely on merit, competence, and qualifications, without regard to race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability, or any other legally protected status.

Cybersecurity Analyst

TLDR

Benefits