Junior Security Analyst - Pivotree (Corporate)
We are seeking a Security Analyst who will be responsible for working with various security
tools in a hybrid (cloud and on-prem), Linux and Windows-based environment. Day-to-day tasks
include monitoring, responding to incidents, and providing support and security
recommendations to both internal teams and external customers. Participation in on-call rotation
is required. Beyond the day-to-day, you will be working closely with systems administrators,
GRC, networking, and other teams on projects to mitigate risk, drive automation, refine and
document security procedures, and ensure compliance.
Roles & Responsibilities:
● Configuring and supporting various security tools (EDR, SIEM, WAF, vulnerability
scanners, IAM, alerting systems, password managers)
● Communicating with customers, internal teams (technical and non-technical), and
leadership on behalf of the Security team
● Writing clear, concise documentation, including playbooks
● EDR: installing and troubleshooting endpoint protection, managing exclusions,
researching threats and remediating alerts.
● IAM: managing groups, permissions, and server access; reviewing and tightening MFA
and password policies, assisting with SSO integrations.
● Vulnerability Management: analyzing vulnerability reports and working with customers
and internal IT teams to track and remediate critical vulnerabilities.
● SIEM: deploying log collectors, optimizing SIEM rules, and responding to alerts.
● WAF: implementing WAF rules, responding to incidents, and updating DNS records.
● Security Awareness: implementing security awareness training, designing and launching
● Incident Response: responding to alerts, investigating and remediating threats, and
writing post-mortem reports.
● GRC: Assisting with audit evidence collection (PCI, SOC 2, ISO 27001/2), presenting
evidence to auditors.
Key Skills and Competencies:
● Linux fundamentals and experience with MS Windows Server
● Strong understanding of networking concepts (routing, common ports/protocols, DNS,
firewalls, cloud computing fundamentals, VPN)
● Knowledge of IAM concepts (SSH, SSO, SAML, RBAC, PAM, Active Directory)
● Participation in on-call rotation; availability after-hours
● CompTIA Network+, Security+, CySA+, AWS Certified Cloud Practitioner
● Familiarity with NIST and CIS security standards
● Must have knowledge of vulnerability assessment frameworks.
● 1+ years of experience in security operations.
Pivotree is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive and accessible workplace.