Senior Cyber Security Analyst

IPG Photonics is seeking a highly motivated and experienced individual to join our growing Cybersecurity team. As a Cybersecurity Analyst, you will support the growth and operational security of this fast-paced, dynamic, high-tech manufacturing company by interfacing with business and IT resources to ensure the effective delivery of security services. The ideal candidate is a diligent, hardworking individual with broad range of cybersecurity and IT experience, who is willing and able to learn new skills and technologies to help ensure the team achieves its mission. The candidate must be able to work with little supervision and be determined to deliver outstanding work.

Duties:

• Keep abreast of current security threats, events, technologies, and vendors.
• Support the relationship with our Managed Detection and Response vendor as they provide us with Tier-1 and Tier-2 SOC services.
• Support the Tier-3 SOC function, monitoring events escalated by our MDR partner and working to resolve them or delegating them to regional IR team members.
• Develop tactics to help combat emerging threats.
• Proactively collect, assess, and leverage cyber threat intelligence to reduce IPG's risk exposure and increase the resilience of our firm when dealing with advanced threats.
• Provide technical expertise and guidance on cybersecurity issues.
• Configure and manage Microsoft Defender (Defender for Office 365, Endpoint, Identity, and Cloud Apps) to protect against threats.
• Implement and maintain security controls using Microsoft Entra ID (Azure AD), including Conditional Access, MFA, and identity governance.
• Monitor M365 security posture and implement improvements based on best practices.
• Respond to phishing, malware, and account compromise incidents within the M365 ecosystem.
• Implement and manage Microsoft Purview (Compliance Portal) including Data Loss Prevention (DLP), eDiscovery, and Information Protection.
• Configure sensitivity labels, retention policies, and insider risk management controls.
• Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, SOC 2) using M365 compliance tools.
• Conduct regular audits of data access, sharing, and permissions.
• Educate users on phishing, data protection, and secure collaboration practices.
• Help write IT and Security related policies and procedures.

REQUIRED QUALIFICATIONS

• 7+ years of Cyber industry experience.
• Experience working with SIEM solutions for evidence collection, and incident response purposes.
• Strong understanding of system hardening in physical, virtual, and cloud environments.
• Experience with Microsoft Azure and Microsoft 365 security and compliance.
• Experience documenting processes and internal IT security controls.
• Understanding of IT support models to ensure EDR responses are aligned with IT.
• Strong deductive reasoning, critical thinking, problem solving, and prioritization skills.
• Ability to work under tight deadlines and handle multiple/detail-oriented tasks.
• Ability to work independently as well as in a team environment.
• Outstanding verbal and written communication skills.

Preferred skills

The successful candidate will possess:

• The ability to think with a security mindset.
• Strong IT background with expert level knowledge in one or more security practice areas (endpoint protection, vulnerability management, network security monitoring, incident response, data loss prevention (DLP), etc.).
• Knowledge of AWS security
• Experience with hands-on configuration and operation of security tools.
• Experience with Active Directory.
• Experience with VMWare and Nutanix
• A solid understanding of the NIST and/or ISO security controls
• An understanding of SOX IT general controls.
• Must be detail oriented and able to multitask to meet deadlines and objectives.
• Experience working in a large, geographically diverse enterprise network.
• Relevant certifications such as GCIH, GSEC, GCFA, or CISSP are considered a plus.
• Willingness to attend security and risk related conferences and training.