Job Description

The Cybersecurity Purple Team Analyst will support maintenance and improvement of the organization’s cybersecurity posture by conducting adversary emulation exercises while simultaneously developing and enhancing detection and response capabilities and responding to live incidents as required.

Key Responsibilities:

• Conduct initial analysis of priority security incidents escalated from the Security Operations Center according to established procedures.
• Execute incident response procedures during all phases: detection, analysis, containment, eradication, and recovery.
• Document incident details, maintain case records, and assist in preparing incident reports and metrics.
• Support post-incident reviews by gathering relevant data and helping identify areas for improvement.
• Assist in testing and maintaining SOAR incident response procedures and playbooks.
• Participate in incident response training exercises and drills.
• Perform authorized security testing activities:
  • Execute controlled penetration tests under supervision.
  • Validate security controls through authorized adversary emulation.
  • Automate security testing and detection processes using Python, PowerShell, or similar tools.
• Support red team exercises:
  • Assist in planning and scoping engagement scenarios.
  • Document findings and attack paths.
  • Test blue team detection and response capabilities.
• Contribute to the offensive security program:
  • Maintain awareness of emerging threats and attack techniques.
  • Develop adversary emulations that reflect realistic threat scenarios.
  • Develop and maintain novel intrusion detection capabilities, such as cyber deception.

Preferred Experience and Skills

• 1-3 years of experience in cybersecurity, IT security, or related technical field.
• Hands-on experience with security monitoring and incident response tools.
• Familiarity with common attack techniques and incident response procedures.
• Hands-on experience with security tools such as EDR, SIEM, and breach simulation solutions.
• Experience with vulnerability scanning tools and methodologies.
• Understanding of offensive security concepts and attack frameworks (MITRE ATT&CK).
• Good analytical and problem-solving skills.
• Good documentation and technical writing abilities.
• Ability to work in a fast-paced environment and handle multiple priorities.
• Good communication skills and ability to work effectively in a team.
• Strong ethical standards and understanding of security testing boundaries.
• Willingness to participate in an on-call rotation.

Education:

• Bachelor’s degree in information technology, cybersecurity, computer science, or a related field.
• Equivalent combination of education and relevant experience may be considered.