Cybersecurity Senior Analyst jobs in United States

CREO · 17 hours ago

Cybersecurity Senior Analyst

CREO is a company that provides cybersecurity consulting services, focusing on Microsoft security technologies. The Cybersecurity Senior Analyst will support the delivery of these services by executing technical tasks, performing analysis, and producing documentation for client presentations and recommendations.

Non Profit
H1B Sponsor Likely

Responsibilities

Execute scoped technical tasks in client environments under direction of the engagement Consultant/Lead (e.g., configuration exports, evidence capture, running approved scripts/queries, validating settings)
Track assigned tasks, dependencies, and blockers; escalate issues early with proposed options
Coordinate primarily with internal consulting staff; join select client meetings as needed for technical context or note-taking (client communication typically routed through the Consultant/Lead)
Perform identity posture reviews: privileged role assignments, admin hygiene, MFA coverage, legacy authentication exposure, risky sign-ins context gathering, and guest/external access posture
Support Conditional Access initiatives by documenting policy intent, performing impact analysis (who/what is affected), validating implementation results, and capturing evidence
Assist with access governance activities (e.g., access reviews status, group/role hygiene, application registration/service principal inventory support)
Support validation of key M365 security controls such as anti-phishing/anti-spam policy posture, Safe Links/Safe Attachments configuration evidence, and tenant security settings
Assist with basic domain/email authentication posture checks (SPF/DKIM/DMARC status documentation and recommendations)
Support evidence gathering and documentation for collaboration/data controls (e.g., SharePoint/OneDrive sharing posture, baseline checks) as scoped by the engagement lead
Validate endpoint security onboarding coverage and basic posture (e.g., sensor health, policy application status, and tamper protection evidence)
Support collection of endpoint investigation context (alert/device timeline exports, event/log context gathering) as permitted by client procedures
Assist with documenting endpoint hardening gaps and recommended next steps for Consultant review
Support monitoring operations: incident queue review support, connector health checks, data onboarding validation, and log source verification
Write, adapt, and run KQL queries to support investigations, reporting, and validation of detections (within defined scope and review processes)
Assist with documentation of analytics rules, triage guidance, escalation criteria, and operational runbooks; propose tuning recommendations based on alert quality/noise
Coordinate vulnerability scanning (e.g., Tenable/Qualys): scheduling, scope validation, credentialed scan setup (where applicable), and scan quality troubleshooting
Normalize results, validate false positives, and organize findings into actionable themes for remediation planning
Maintain remediation trackers, support retesting/closure evidence, and produce executive summaries of metrics and trends
Support Azure posture reviews through evidence collection and validation of secure configuration items (e.g., RBAC review inputs, logging/diagnostics settings, resource inventory exports)
Assist with triage/documentation of Microsoft Defender for Cloud recommendations and improvement plans
Support collection of evidence aligned to secure landing zone principles
Support investigations by gathering artifacts/logs, building basic timelines, and documenting actions taken
Follow defined playbooks and escalation criteria; assist with containment actions only when directed and approved
Support tabletop exercises and post-incident documentation (lessons learned, playbook updates)
Draft findings, evidence narratives, and remediation recommendations for Consultant review
Build and maintain engagement artifacts (spreadsheets, trackers, diagrams, working papers, dashboards) used in client-ready deliverables
Perform QA on deliverables and evidence: accuracy checks, consistency, completeness, and professional presentation

Qualification

Microsoft 365 security, PowerShell scripting, IAM engineering, Azure security engineering, Cybersecurity experience, Analytical skills, Microsoft Certified SC-300, Microsoft Certified AZ-500, Communication skills, CompTIA Security+, Cybersecurity Architect Expert, Security Operations Analyst Associate, Python, Infrastructure-as-Code, Data protection compliance

Required

3-5 years in cybersecurity
Microsoft 365 administration and security configuration experience
Experience with PowerShell scripting (module development, Graph API, REST), automation runbooks, and CLI tooling
Hands-on IAM engineering: Conditional Access, MFA/passwordless, PIM/JIT, RBAC, access reviews, and user lifecycle (joiner/mover/leaver)
Azure and Microsoft security engineering: Sentinel, Defender for Cloud, Microsoft 365 Defender, secure landing zones, logging/monitoring
Strong analytical and communication skills
Bachelor's degree in a relevant field or equivalent experience
Microsoft Certified: Identity and Access Administrator Associate (SC-300)
Microsoft Certified: Azure Security Engineer Associate (AZ-500)

Preferred

Cybersecurity Architect Expert (SC-100)
Security Operations Analyst Associate (SC-200)
CompTIA Security+
Experience integrating CrowdStrike Falcon with Microsoft security tools
Experience with Infrastructure-as-Code (Bicep/Terraform) and policy (Azure Policy, Defender for Cloud)
Scripting beyond PowerShell (e.g., Python) for data analysis and automation
Experience with data protection and compliance controls (DLP, Purview)

Company

CREO

CREO is a 501(c)(3) not-for-profit organization that is helping mobilize more private capital into low-carbon and resource-efficient solutions by working with a network of qualified family offices, private investors, and advisors focused on collaboratively developing and investing in the global environmental marketplace.

H1B Sponsorship

CREO has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship (chart not shown)
Trends of Total Sponsorships: 2024 (4)

Funding

Current Stage
Early Stage

Leadership Team

Régine Clément
President and Chief Executive Officer
Company data provided by Crunchbase