Cybersecurity Analyst

Working hours

We are hiring two shifts for this position:

7:00 PM to 5:00 AM MST on Mon-Tues-Wed with a Sunday Swap

7:00 PM to 5:00 AM MST on Thurs-Fri-Sat with a Sunday Swap

Location requirements

100% remote, USA – work from home

Who you are:

The ideal candidate will be comfortable working in a fast-paced, multi-tenant MSP environment, with strong threat detection, incident response, and client-facing communication skills.

What you will be doing:

• Monitor and analyze security events across multiple customer environments using Rapid7 InsightIDR and SIEM/SOAR platforms.
• Investigate security incidents including phishing, malware, lateral movement, and privilege escalation attempts.
• Respond to alerts and escalations in real-time, and execute playbooks for containment, eradication, and recovery.
• Tune detection rules, correlation logic, and dashboards in Rapid7 to reduce false positives and improve visibility.
• Use InsightVM to correlate vulnerabilities with threat intelligence and risk posture.
• Document incident reports and ensure clear, professional communication with client stakeholders.
• Collaborate with NOC, Infrastructure, and Application Support teams to ensure secure operations.
• Provide recommendations for remediation and threat mitigation.
• Support compliance reporting and evidence collection for customer audits (e.g., HIPAA, PCI, ISO).
• Contribute to continuous improvement of SOC processes and runbooks
  
  

Skills and experience you have:

• 2–4+ years of experience in cybersecurity, preferably in a SOC or MSP environment.
• Strong experience with Rapid7 InsightIDR, InsightVM, and understanding of the full Rapid7 ecosystem.
• Familiarity with SIEM, SOAR, EDR, vulnerability scanners, and firewalls.
• Deep knowledge of common attack techniques (MITRE ATT&CK, phishing, ransomware, etc.).
• Strong working knowledge of Windows, Linux, and cloud environments (AWS, Azure).
• Scripting or automation experience (PowerShell, Python, or bash) is a plus.
• Excellent analytical thinking, documentation, and incident handling skills.
• Experience with ticketing systems (e.g., ConnectWise, ServiceNow) and collaboration tools (e.g., Slack, Teams).
• Client-facing experience (status updates, RCA calls, etc.).
• Experience with multi-tenant SIEM/SOC environments.
• Understanding of regulatory compliance frameworks (NIST, SOC 2, ISO 27001, etc.).
• Interest in growing into a Threat Hunter or Security Engineer role.
  
  

Certifications (preferred but not required):

• Rapid7 InsightIDR Certified Specialist
• Security+, CySA+, GCIA, GCIH, or CEH
• AWS Certified Security or Azure Security Engineer
  
  

Pay And Benefits

This is a full-time position located in the United States and performed remotely with no travel.

Estimated Starting Salary/Wage Range: $31.00 to $36.00 hourly, less applicable withholdings and deductions, paid on a semi-monthly basis(The actual salary offered may vary based on relevant factors as determined in the Company’s discretion, which may include experience, qualifications, tenure [for existing employees]skill set, availability of qualified candidates, geographic location, certifications held, and other criteria deemed pertinent to the particular role. Note that the majority of individuals in the position will fall in the low to mid-level of this scale; the upper end of this pay scale is offered only in exceptional circumstances and/or for unusually qualified candidates.)

In addition to legally-required benefits, NexusTek offers a generous benefit package to eligible full-time employees, which currently includes the following:

• Four weeks of annual accrued PTO
• Seven paid national holidays
• Medical, dental, vision options
• Company-paid life insurance, short and long-term disability
• Voluntary benefits such as critical illness and accident
• Voluntary Legal Shield and identity theft protection
• Discretionary annual 401k match plan
• Generous employee referral bonus plan
• Employee Assistance Program
• Access to over 90,000+ courses in ADP My Learning
• StandOut employee engagement tools
• Eligible to apply for a Pluralsight license
• Eligible to apply for NexusTek Technical Academy or Leadership Academy
• We’re happy to provide our full benefits guide at any point in the process!
  
  

We’re happy to provide our comprehensive benefits guide. Each benefit is subject to eligibility requirements as specified in plan documents, and the Company reserves the right to modify the benefits it offers from time to time.

Interview Process - Typical interview process for this role:

Application Stage - Thanks for showing interest!

• Submit your application
• Complete the Culture Index Survey offered in the application steps (link to survey also provided below)
• Culture Index is offered in 30 languages - select in your native language!
• Culture Index Link: https://go.cultureindex.com/s/UFfhWqnV5S
  

Screening Stage - Let's get to know each other!

• Our recruiters carefully consider each application. If you are selected to move forward, we will contact you for the introductory screening
• 20 min Recruiter screening to introduce you to NexusTek and get to know what motivates you
  
  

Interview Stage - We’ll dive into your experience more in depth

• One-hour technical interview with Hiring Manager (virtual)
• 30 min follow-up interview with a member of the Senior team
• References – 3 professional references at least one direct supervisor
• You are welcome to request additional conversations with team members you didn’t get to meet during the process
  
  

NexusTek provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws

NexusTek participates in E-Verify for all US Employees

Please be aware of potential recruitment fraud and fake social media pages. NexusTek will never ask you to pay a fee as part of the interview process. Additionally, we will not ask for your personal banking information until you have signed an employment offer and completed virtual onboarding training and paperwork provided by our HR team.

All communications with NexusTek professionals will only be sent from an @nexustek.com or ADP email address and never originate from gmail.com, yahoo.com, or other commercial email services. If you are viewing this job post outside of our website and interested in exploring opportunities, please go directly to our Careers Page: https://www.nexustek.com/nexustek-careers/ or https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=567e686e-7575-49d9-b29f-985e7365f987&ccId=19000101_000001&type=MP&lang=en_US