All roles

Open role

Level 2 Cyber Security Analyst

Remote · Brazil Full-time

Lyra Technology Group is a private equity-backed holding company that invests in and operates industry leading technology service businesses. Our companies are operated independently by exceptional management teams. Companies that join our group retain the employees, name, and culture that have made them successful. As a platform of Evergreen Services Group, we never divest from businesses we partner with and approach every decision with the goal of driving sustainable and healthy growth over the long term. Lyra Technology Group is looking for L2 Cyber Security Analyst for one of their operating companies, VirtualArmour. The primary role of our L2 Cyber Security Analyst is to work with customers for our Managed Security Services (MSS) department. The Cyber Security Analyst's role will help protect our customer networks against cybersecurity threats such as hackers, cyber-terrorists and malware that can steal or corrupt sensitive customer data. This role will be monitoring and analyzing customer networks, servers, databases, and end-point equipment for key indicators of compromise. Once a possible threat is detected, the analyst must investigate, respond to, and report to our customers with any recommended remediation. Cyber Analysts should have the experience and knowledge desired below and will also be enrolled in the VirtualArmour Academy, where students will be trained in other aspects of the role. A bit about VirtualArmour… VirtualArmour, founded in 2001, has 20+ years of serving as a trusted advisor, fulfilling the needs of businesses, enterprises, and organizations globally. From hardware configuration and deployment to ongoing managed security services, VirtualArmour's experience spans 12 industries with deep expertise in Financial Services, Healthcare, Transportation / Logistics, and Manufacturing. Your work as the Level 2 - Cyber Security Analyst includes several components:

  • Monitor and triage security alerts from EDR/XDR, SIEM, and related security tooling; prioritize incidents based on risk and business impact.
  • Investigate endpoint threats (malware, ransomware, credential theft, persistence, lateral movement) using Microsoft Defender for Endpoint (MDE), CrowdStrike EDR, SentinelOne EDR, and Stellar Cyber XDR.
  • Perform incident response activities: evidence collection, scoping, containment, eradication, recovery, and post-incident reporting.
  • Conduct endpoint and host-based analysis (process trees, command-line execution, registry changes, scheduled tasks, persistence mechanisms, network connections).
  • Correlate telemetry across endpoint, identity, network, and cloud sources to confirm malicious activity and reduce false positives.
  • Execute response actions (e.g., isolate host, kill/quarantine process, block indicators, remove persistence, enforce policy changes) in accordance with playbooks and approvals.
  • Develop and maintain detection and response playbooks/runbooks for common attack scenarios (phishing, suspicious PowerShell, credential dumping, suspicious service creation, etc.).
  • Create and tune alerting rules, exclusions, and detections to improve signal quality and reduce noise while maintaining security coverage.
  • Document investigations thoroughly: timelines, IOCs, impacted assets/users, actions taken, and recommendations for prevention.
  • Support threat hunting activities using EDR/XDR telemetry and threat intelligence to identify suspicious patterns and proactively reduce risk.
  • Participate in on-call rotation and shift-based SOC coverage as required.
  • Research security enhancements and make recommendations for management.
  • Stay up to date on information technology trends and security standards.
  • Train, mentor, and guide teammates through direct comms and by hosting knowledge transfer calls.

Our ideal L2 Cyber Security Analyst has the following qualifications:

  • 2–4 years of experience in a SOC, incident response, cyber analyst or security operations role.
  • 2–4 years of hands-on experience working with at least one (1) of the following:
  • Microsoft Defender for Endpoint (MDE)
  • CrowdStrike EDR
  • SentinelOne EDR
  • Stellar Cyber XDR
  • Strong knowledge of attacker tactics and techniques aligned to MITRE ATT&CK, NIST, Lockhead Martin (e.g., persistence, privilege escalation, lateral movement, exfiltration).
  • Solid understanding of Windows security fundamentals (event logs, authentication, common persistence locations) and basic Linux/macOS concepts.
  • Familiarity with common security log sources and workflows (SIEM concepts, ticketing/case management, escalation processes).
  • Ability to write clear incident documentation and communicate findings to both technical and non-technical stakeholders.
  • Experience handling sensitive information and following documented procedures and change controls.
  • Strong knowledge of the Windows and Linux operating systems.
  • Ability to establish and maintain a strong level of customer trust and confidence.

Preferred Qualifications

  • Experience with Microsoft security ecosystem (e.g., Defender for Identity, Defender for Cloud, Entra ID/Azure AD sign-in logs).
  • Basic scripting/automation skills (PowerShell, Python, or Bash) for investigation and enrichment tasks.
  • Familiarity with network security concepts, protocols (TCP/UDP, DNS, HTTP/S, TLS, proxies, VPNs), and packet/log analysis.
  • Threat hunting experience and building detections based on behavioral analytics.
  • Experience with vulnerability management and remediation tracking.
  • MSSP experience.
  • A bachelor's/master's degree in cyber security or related field, or equivalent level of experience within IT.
  • Security certifications (nice-to-have): Security+, CySA+, GCIH, GCIA, SC-200, or equivalent.

The target salary for this role is $100,000 per year and will operate in a fully remote model. If you are a quick learner with strong problem-solving skills and are able to work in a pressurized environment with conflicting priorities, we want to hear from you!

More open positions

Cyber Vulnerability Analyst (Encryptor Specialist)

Work from home Full-time role

IT Security Analyst - Microsoft Purview (REMOTE)

Work from home Full-time role

Threat Analyst

Work from home Full-time role

Director of Cyber Threat Intelligence (CTI)

Work from home Full-time role

Lead QA Engineer job at Supportworks in Omaha, NV

Work from home Full-time role

Senior Engineer - Municipal Projects

Work from home Full-time role

Remote Inbound Customer Experience Specialist – Home Appliance Support & Owner Success (Bodewell Division)

Work from home Full-time role

Crisis Counselor - Fully Remote in Merrimack, NH

Work from home Full-time role

Veterans Outreach & Fundraising Associate

Work from home Full-time role

Solutions Consultant

Work from home Full-time role

Unlock Your Potential: Entry-Level Data Entry Specialist - Remote Opportunity at careerzynith

Work from home Full-time role

Support and Service - Careers at Apple

Work from home Full-time role

Senior Salesforce Administrator

Work from home Full-time role

Italian Speaking Customer Advisor (Remote in Greece)

Work from home Full-time role

Digital Marketing Coordinator

Work from home Full-time role

[Remote] Industry Education & Training Senior Specialist

Work from home Full-time role

Executive Assistant

Work from home Full-time role

Growth Marketing Lead | $125K-$150K USD + Bonus + Equity + Remote | Award Winning AI Marketing SaaS Company

Work from home Full-time role

REMOTE Tax Manager/Sr. Manager/Director | salary

Work from home Full-time role

Remote LiveChat Customer Support Representative – Deliver Exceptional Service & Technical Solutions for careerzynith’s Digital Products

Work from home Full-time role

eCommerce Advertising Manager

Work from home Full-time role