Hermeus logo

Cybersecurity Analyst

Hermeus
1 day ago
Full-time
On-site
Los Angeles, California, United States
Cybersecurity
Hermeus is a high-speed aircraft manufacturer focused on the rapid design, build, and test of high-Mach and hypersonic aircraft for the national interest. Working directly with the Department of Defense, Hermeus delivers capabilities that will ensure that our nation, and our allies, maintain an asymmetric advantage over any and all potential adversaries.

We are seeking a highly motivated and experienced Cybersecurity Analyst with a strong background in incident response, threat detection, and advanced security platform management, specifically leveraging Microsoft Defender and Microsoft Purview. The ideal candidate will be instrumental in defending our organization against sophisticated cyber threats, with a primary focus on mitigating malware and virus-related incidents. This role requires a blend of technical expertise, analytical skills, and a proactive approach to maintaining a robust security posture. 

Responsibilities:

Security Operations and Monitoring 

  • Monitor security alerts, dashboards, and logs across the Microsoft Defender suite (Endpoint, Identity, Cloud Apps, etc.) and Microsoft Purview to detect potential security incidents. 

  • Manage and optimize Microsoft Defender security policies, configurations, and deployment across the enterprise environment. 

  • Utilize Microsoft Purview capabilities (e.g., Data Loss Prevention, eDiscovery) to enforce compliance policies and protect sensitive data. 

  • Develop and maintain custom detection rules and alerts within the security platforms to address emerging threats. 

Incident Response and Handling 

  • Serve as a primary responder for security incidents, with a specific focus on malware, viruses, and other endpoint compromises. 

  • Perform forensic analysis, containment, eradication, and recovery steps during active incidents. 

  • Conduct root cause analysis for security incidents and implement necessary corrective and preventive measures. 

  • Document all incident response activities, findings, and lessons learned to continuously improve the IR process. 

Threat Management and Analysis 

  • Analyze threat intelligence to identify potential risks and vulnerabilities relevant to the organization. 

  • Proactively hunt for threats across the environment using tools like Microsoft Defender XDR. 

  • Develop and implement strategies to defend against prevalent malware types (e.g., ransomware, spyware, trojans). 

  • Stay current with the latest cybersecurity trends, attack techniques, and adversary tactics. 

Security Enhancement and Reporting 

  • Provide regular reports on the organization's security posture, incident metrics, and platform performance. 

  • Collaborate with IT and other departments to implement security best practices and system hardening across the infrastructure. 

  • Assist in the development and delivery of cybersecurity awareness training for employees. 

Minimum Requirements:

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent practical experience.
  • Minimum of 3-5 years of experience in a dedicated cybersecurity role (e.g., Security Analyst, Incident Responder, SOC Analyst). 
  • Proven, in-depth hands-on experience managing, configuring, and utilizing the Microsoft Defender suite (Defender for Endpoint is critical) and Microsoft Purview (DLP, Information Protection). 
  • Demonstrated experience in managing the full lifecycle of security incidents, from detection and analysis to containment, eradication, and recovery. 
  • Strong understanding of current malware and virus infection vectors, persistence mechanisms, and remediation techniques. 
  • Proficiency in security information and event management (SIEM) tools, vulnerability management, and endpoint detection and response (EDR) principles. 

Preferred Skills & Experience:

  • Relevant certifications (e.g., CompTIA Security+, GIAC GCIH, Microsoft SC-200/SC-400).
  • Experience with scripting languages (e.g., PowerShell, Python) for automation and analysis.
  • Familiarity with cloud security principles, particularly within the Azure/Microsoft 365 ecosystem. 
$117,300 - $160,000 a year
The salary information provided is a general guideline only. Hermeus takes various factors into account, including, but not limited to, the position's scope and responsibilities, the candidate's professional background, education and training, essential skills, and market and business considerations, when presenting a job offer.  Compensation is only one part of our total rewards package. Hermeus offers competitive salary and equity, unlimited PTO policy, generous parental leave, potential for year-end bonuses, and more! 
 
•100% employer-paid health care  
• 401k & retirement plans  
• Unlimited PTO  
• Weekly paid office lunches   
• Fully stocked breakrooms  
• Stock options    
• Paid Parental Leave   
U.S. EXPORT CONTROL COMPLIANCE STATUS 
The person hired will have access to information and items subject to U.S. export controls, and therefore, must either be a “U.S. person” as defined by 22 C.F.R. § 120.62 or otherwise eligible for deemed export licensing. US persons include U.S. citizens, U.S. nationals, lawful permanent residents (green card holders), and asylees and refugees with such status granted, not pending. 

EQUAL OPPORTUNITY
Hermeus is an Equal Opportunity Employer. Employment decisions at Hermeus are based solely on merit, competence, and qualifications, without regard to race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability, or any other legally protected status.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.