Apply
Systems Security Analyst
Fully Remote
Apply
Description

Reports To: VP, Information Security & Technology

Employment Type: Full-Time 

Environment: Cloud-only | ~150 users / ~200 endpoints | SOC 2 & HIPAA regulated


Position Summary

The Systems Security Analyst is a hands-on security professional responsible for operating, improving, and scaling the organization’s security posture across endpoints, identity, monitoring, and incident response. 


This role works deeply within the Microsoft security ecosystem (Intune, Defender XDR, Sentinel, Entra) and owns critical operational domains including device lifecycle management, vulnerability remediation, identity governance, and security monitoring. The analyst will lead initial incident investigations and containment efforts while escalating significant events to leadership as appropriate. 


This is a security-focused role, not a traditional helpdesk position, though it will support secure device onboarding/offboarding and assist with internal software and technical support where necessary. 


This role is suited for a security professional who thrives in a growing organization and enjoys building scalable, sustainable systems.


Areas of Responsibility

  1. Security Operations and Monitoring 
  • Perform daily monitoring and analysis using Microsoft Defender XDR and Sentinel
  • Investigate, triage, and prioritize security alerts, suspicious activity, and anomalies based on risk and impact
  • Maintain structured, well-documented investigation records
  • Continuously tune alerts to reduce noise and improve signal quality 

2. Incident Response 

  • Lead investigation and containment of low- to medium-severity security incidents and support high-severity events under executive direction
  • Coordinate response actions across affected systems and stakeholders
  • Escalate high-severity or business-impacting incidents to executive leadership
  • Document incident timelines, root cause analysis, and remediation actions
  • Contribute to post-incident reviews and control improvements
  • Provide as-needed support during active security incidents outside standard business hours 

3. Endpoint and Device Security

  • Own device onboarding and offboarding workflows using Intune and automation tooling
  • Enforce and maintain endpoint security baselines and configuration policies
  • Own endpoint patching and vulnerability remediation to meet defined SLAs
  • Monitor device compliance and drive corrective actions when standards are not met 

4. Identity and Access Management

  • Manage identity lifecycle processes in Microsoft Entra
  • Enforce least-privilege access using role-based access controls
  • Conduct periodic access reviews and remediate excessive privileges
  • Support user provisioning and deprovisioning 

5. Security Program Maturity and Automation

  • Improve operational efficiency through scripting and automation (PowerShell and related tools)
  • Use AI-driven workflows to enhance monitoring, reporting, and remediation
  • Identify process inefficiencies and propose scalable improvements to strengthen the security program

6. Documentation, Compliance and GRC Alignment

  • Maintain thorough documentation of security procedures and controls
  • Gather and organize audit-ready evidence for SOC 2 and HIPAA
  • Align operational practices with policy and risk management expectations
  • Partner with internal GRC leadership to ensure execution matches documented controls

7. Security-Aligned Technical Support

  • Assist with internal software and technical support where security or device management intersects
  • Serve as a security escalation point for technical issues
  • Collaborate cross-functionally to resolve issues without owning general IT support 
Requirements
  • 3-6 years of experience in security operations, endpoint security, or systems administration
  • Hands-on experience with Microsoft Intune, Defender XDR, Sentinel, and Entra
  • Experience operating in regulated environments (SOC 2, HIPAA preferred)
  • Strong understanding of identity governance and least privilege principles 
  • Hands-on expertise in PowerShell development and Microsoft Sentinel automation, including workflow and response automation
  • Strong documentation and organizational skills
  • Ability to communicate technical findings clearly to non-technical stakeholders
  • Ability to operate independently while aligning with leadership direction

What Success Looks Like

Within 90 days, this role: 

  • Independently runs daily security monitoring 
  • Owns device lifecycle and vulnerability management
  • Leads initial incident investigations confidently
  • Produces audit-ready documentation
  • Improves at least one operational process through automation 
Apply
View All Jobs