IT Security Analyst

About the role

Code Metal is looking for a mid‑level IT Security Analyst to strengthen the security posture of its enterprise and enclave environments. You will work closely with engineering, DevOps, and leadership to detect threats, investigate incidents, and support continuous security improvement.

Key responsibilities

• Monitor and analyze alerts from SIEM, EDR, and other security tools to identify suspicious activity.
• Investigate security events, perform triage, and escalate incidents to the appropriate teams.
• Conduct proactive threat‑hunting activities to uncover hidden risks.
• Support vulnerability management, including scanning, analysis, prioritization, and remediation tracking.
• Assist in executing and refining incident‑response procedures and runbooks.
• Analyze system, network, and audit logs across enterprise and enclave environments.
• Maintain endpoint security controls such as application whitelisting and privilege/elevation management.
• Participate in phishing simulations and user‑awareness initiatives.
• Collaborate with DevOps and engineering to communicate findings and support remediation.
• Help with compliance activities, evidence collection, and control validation.
• Document incidents, processes, and standard operating procedures clearly.

Required profile

• Bachelor’s degree in Cybersecurity, IT, Computer Science, or related field, or equivalent experience.
• At least 2 years of experience as a security analyst or in a similar role.
• Eligibility to obtain and maintain an active U.S. Top Secret security clearance.
• Strong communication and documentation skills.

Required skills

• Experience with SIEM and EDR platforms.
• Proficiency in vulnerability management tools.
• Knowledge of common attack techniques and threat detection.
• Log analysis and event correlation across multiple data sources.
• Endpoint security controls, including application whitelisting and privilege management.
• Threat‑hunting and incident‑response workflows.