IT Security Analyst

About Re:Build Manufacturing

Re:Build Manufacturing is a growing family of industrial and engineering businesses combining enabling technologies, operational superiority, and strategic M&A to build America’s next generation industrial company. At Re:Build we deploy deep expertise in engineering, operations management, and technology to supercharge the performance of our member companies. We leverage deep professional expertise and a candid, principled operating culture to drive differentiated outcomes. Ours is a fast-paced environment where individuals can stretch and be challenged to pursue their fullest potential.

Re:Build was founded to pioneer a profitable model for the revitalization of US manufacturing. We’ve assembled a powerful set of complimentary capabilities and lines of business that enable us to pursue a wide range of end markets. Our acquired businesses are grounded in build-to-print and by-the-hour engineering and design services, and we’re leveraging their combined expertise to migrate to increasingly sophisticated program development and production, as well as the generation of our own products. Our unique set of capabilities lend themselves to highly complex systems and products, and we offer customers a range of services including product and systems design, automation, fabrication, assembly, and large volume contract manufacturing. Our customers span a wide array of industries including aerospace, defense, mobility, healthcare, pharma, biotech, clean tech, chemicals, energy, lifestyle, food production, and industrial equipment.

Who we are looking for

This role is instrumental in defending Re:Build against sophisticated cyber threats, with a main focus on mitigating malware/virus and software vulnerability-related incidents, specifically leveraging Microsoft Defender, Purview, and Sentinel, and a solid background in threat detection, incident response, and the Microsoft security suite. This role requires a blend of technical expertise, analytical skills, and a proactive approach to continually improve our security posture.

What you get to do!

• Monitor security alerts, dashboards, and logs across the Microsoft Defender suite (Endpoint, Identity, Cloud Apps, Vulnerability Management, etc.), Microsoft Purview, and Microsoft Sentinel to detect and respond to potential security incidents and track and prioritize vulnerability remediation.
• Manage and optimize Microsoft Defender security policies, configurations, and deployment across the enterprise environment.
• Utilize Microsoft Purview capabilities (e.g., Data Loss Prevention, eDiscovery) to enforce compliance policies and protect sensitive data.
• Develop and maintain custom detection rules and alerts within the security platforms to address emerging threats.
• Serve as a primary responder for security incidents, with a specific focus on malware, viruses, and other endpoint compromises, performing forensic analysis, containment, eradication, and recovery steps during active incidents.
• Conduct root cause analysis for security incidents and implement necessary corrective and preventive measures.
• Document all incident response activities, findings, and lessons learned to continuously improve the IR process.
• Analyze threat intelligence to identify potential risks and vulnerabilities relevant to the organization.
• Proactively hunt for threats across the environment using tools like Microsoft Defender XDR.
• Develop and implement strategies to defend against prevalent malware types (e.g., ransomware, spyware, trojans).
• Stay ahead of the latest cybersecurity trends, attack techniques, and adversary tactics.
• Provide regular reports on the organization's security posture, incident metrics, and platform performance.
• Collaborate with IT and other departments to implement security best practices and system hardening across the infrastructure.
• Assist in the development and delivery of cybersecurity awareness training for employees.

What you bring to the Team

• A bachelor's degree in information technology, cybersecurity, related field, or equivalent experience.
• Relevant cybersecurity certifications (e.g., Microsoft SC-100/200/300/400, CompTIA Security+/CySA+/SecurityX, GIAC GSEC/GCIH).
• 3-5 years of demonstrated experience managing, configuring, and utilizing Microsoft Defender, Purview, and Sentinel.
• Experie