Cybersecurity Analyst Job Description Template (Free, 2026)

Cybersecurity Analyst [Company Name] - [City, State] / Remote Full-Time | Information Security | Reports to: CISO or Head of Security About the Role: We are looking for a Cybersecurity Analyst to monitor, analyze, and respond to security threats across our infrastructure, applications, and endpoints. You will be a key member of our security operations function, responsible for detecting incidents, driving remediation efforts, and improving our overall security posture. You combine technical depth with a methodical mindset and communicate risk clearly to both technical and non-technical stakeholders. Responsibilities: - Monitor SIEM alerts (Splunk / Microsoft Sentinel / IBM QRadar) and triage security events to distinguish false positives from genuine threats - Investigate and respond to security incidents including malware infections, phishing attacks, unauthorized access, and data exfiltration attempts - Conduct vulnerability scans using Nessus or Qualys, analyze results, and coordinate remediation with system owners - Manage and tune endpoint detection and response (EDR) tools such as CrowdStrike Falcon or SentinelOne - Perform threat intelligence analysis and apply indicators of compromise (IoCs) to detection rules - Conduct phishing simulations and deliver security awareness training to employees - Support compliance activities for SOC 2 Type II, ISO 27001, GDPR, or HIPAA as applicable - Review firewall rules, IAM permissions, and network access controls to identify misconfigurations - Document incident timelines, findings, and lessons learned in postmortem reports - Contribute to the development and maintenance of security policies, standards, and runbooks Required Qualifications: - 2+ years of experience in a cybersecurity analyst, SOC analyst, or information security role - Hands-on experience with SIEM platforms and log analysis at scale - Familiarity with OWASP Top 10 vulnerabilities and common attack techniques (MITRE ATT&CK framework) - Experience with vulnerability management processes including scanning, prioritization, and remediation tracking - Understanding of network fundamentals including TCP/IP, DNS, firewalls, and VPNs - Proficiency in reading and analyzing logs from operating systems, cloud environments, and applications - Strong written communication skills for documenting incidents and presenting risk to stakeholders - CompTIA Security+ or equivalent entry-level security certification Nice to Have: - Experience conducting penetration tests or red team exercises - Familiarity with cloud security on AWS, Azure, or GCP (e.g., GuardDuty, Security Center, Security Command Center) - GIAC GSEC, CEH, CySA+, or CISSP certification - Scripting skills in Python or PowerShell for automating detection and response tasks - Experience supporting a SOC 2 or ISO 27001 audit Compensation and Benefits: - Base salary: [Salary Range] (see benchmarks below) - Equity: [Stock options / RSUs] - Health, dental, and vision insurance - [X] days PTO plus public holidays - Remote-friendly or hybrid work arrangement - Annual certification and conference budget About [Company Name]: [Write 2-3 sentences describing your company, the security environment, and what the analyst will protect.] [Company Name] is an equal opportunity employer committed to a diverse and inclusive team.