Title: Cybersecurity Analyst / Cyber Incident Responder
Location: St. Paul, MN 55117
Duration: 12 months

Primary Job Function    

• Responsible for investigating, analyzing, and responding to security incidents across the organization’s environment.
• Leads or executes complex incident response activities, adapts standard procedures to evolving threats.
• Plays a critical role in protecting the organization’s technology assets by identifying, analyzing, and responding to cybersecurity threats that may result in unauthorized access, misuse, or disruption of services.

Core Job Responsibilities    

• Monitor security alerts and events from various tools (SIEM, EDR, IDS/IPS, etc.) to identify potential incidents.
• Perform triage, correlation, and in-depth analysis of security events, including indicators of compromise (IOCs), malware activity, phishing attempts, and suspicious network behavior.
• Conduct forensic analysis on systems, networks, and endpoints to determine root cause and scope of incidents.
• Develop and implement response strategies to mitigate immediate threats and prevent recurrence.
• Support the implementation, tuning, and monitoring of security tools such as SIEM, EDR, firewalls, and intrusion detection systems. 
• Ensure security controls are effectively detecting and preventing malicious activity. 
• Validate and enhance alerting mechanisms to reduce false positives and improve detection accuracy.
• Document incidents thoroughly, including timelines, impact assessments, and remediation actions.

Position Accountability & Scope    

• Accountable for timely detection, analysis, and response to cybersecurity incidents to minimize organizational risk and business disruption. 
• Works under moderate supervision but exercises independent judgment when handling incidents and escalating issues. 
• Responsible for maintaining the confidentiality, integrity, and availability of organizational systems and data. 
• Collaborates cross-functionally with IT, network, security engineering, and business teams during incident response activities. 
• Contributes to continuous improvement of incident response processes, playbooks, and detection capabilities. 
• Ensures compliance with internal security policies, standards, and regulatory requirements.

Minimum Education    

• Bachelor's degree in Information Technology or similar area; or equivalent work experience.

Minimum Experience/Training     

• 3 years of technical experience in a Security Operations Center (SOC), incident response, or cybersecurity-related role.
• Demonstrated experience with security monitoring and investigation tools (e.g., SIEM such as Splunk, EDR platforms, email security tools). 
• Strong understanding of network protocols, operating systems, enterprise security controls and frameworks such as MITRE ATTACK. 

 
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 41.00/hr.