About PFX™
We engineer leading fluid solutions that keep the world moving and we’re building a better future while we do it. As a vertically integrated global powerhouse, we operate 17 manufacturing facilities and 4 R&D centers across the world, delivering performance from lab to road in over 40 countries.
PFX Group™ brings together a family of trusted companies including Recochem, Prestone, Adam’s Polishes, Kost USA, Ultra Clear, POR and Auto-Chem, each with deep expertise, regional insight, and a shared commitment to engineering excellence.
From automotive and heavy-duty thermal management systems to household and industrial solutions, our products are built for performance, reliability, and a commitment to sustainability. Join us and be part of a team that’s redefining what’s possible in fluid technology.
Role Overview
The Junior Cybersecurity Analyst supports daily security-operations activities across our hybrid environment (Azure, Microsoft 365, on-prem). Guided by senior analysts, you will monitor alerts, validate indicators of compromise, assist with incident response and threat hunting, contribute to vulnerability and risk assessments, and help harden email-security controls—all mapped to MITRE ATT&CK® and the Cyber Kill Chain®.
Key Responsibilities
Security Monitoring & Triage
- Review and triage Microsoft Sentinel alerts, endpoint telemetry and Fortinet firewall logs, escalating high-risk events.
- Validate IOCs (hashes, domains, IPs) against threat-intel sources and document findings.
Threat Hunting & Intelligence Support
- Participate in guided hunts using Sentinel workbooks and KQL queries aligned to ATT&CK tactics.
- Import STIX/TAXII feeds into Sentinel watchlists and enrich events with basic IOC and TTP context.
- Summarise emerging ransomware or vulnerability trends for weekly team briefings.
Incident Response Assistance
- Execute first-response playbook steps: evidence collection, endpoint isolation, malicious IP blocking and ticket updates.
- Maintain incident timelines and artifact repositories for senior analysts.
Vulnerability & Risk Assessments
- Run authorized vulnerability scans, export results and track remediation status with system owners.
- Assist in basic risk assessments of new applications or configuration changes, documenting potential impacts and mitigation steps.
Email Security & Anti-Phishing
- Review Microsoft Defender for Office 365 alerts, user-reported phishing emails and quarantine queues; escalate true positives.
- Support phishing-simulation campaigns and compile metrics for awareness reports.
Cloud & Identity Hygiene
- Verify MFA enforcement and baseline Conditional Access policies for new accounts.
- Review Azure sign-in logs for anomalies such as impossible travel or legacy authentication.
Documentation & Knowledge Management
- Update runbooks, detection-rule change logs and the internal knowledge base after each ticket or investigation.
Required Qualifications
- Minimum 1 year of hands-on experience in a SOC, security help-desk queue or similar IT-security role.
- Foundational knowledge of networking (TCP/IP, DNS), operating systems (Windows/Linux) and core security concepts.
- Exposure to at least one SIEM (preferably Microsoft Sentinel) and an EDR solution.
- Familiarity with MITRE ATT&CK, basic incident-response concepts, vulnerability scanning and email-security fundamentals.
- Ability to write or modify simple PowerShell, Bash or Python scripts for log parsing or automation.
- Coursework or certifications such as CompTIA Security+, Microsoft SC-900/SC-200, CEH or equivalent.
- Experience importing STIX/TAXII feeds, using threat-intel platforms or reviewing Microsoft Defender for Office 365 alerts.
- Familiarity with Azure AD/Entra ID security controls and Conditional Access.
- Strong proficiency in English; bilingualism is an asset.