Cybersecurity Lead Analyst

Overview

Lead cybersecurity strategy, operations, and incident response using Microsoft security tools.

Key Responsibilities

• threat hunting
• incident response
• siem management
• identity management
• security awareness
• risk assessment

Tasks

-Monitors analysis of system access logs, ensuring only permitted individuals have access to company information. -Reviews violations of computer security procedures and discusses procedures with violators to ensure violations are not repeated. -Lead threat hunting and incident response activities using Microsoft XDR and SIEM tools. -Encrypts data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers. -Trains users and promotes security awareness to ensure system security and to improve server and network efficiency. -Administer and optimize Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365. -Performs complex risk assessments and executes tests of data processing system to ensure functioning of data processing activities and security measures. -Drafts plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs. -Facilitates risk audits and assessments and provides recommendations for application design to ensure operating effectiveness. -Maintain documentation for security policies, procedures, and audit readiness. -Stay current with emerging threats, vulnerabilities, and Microsoft security innovations. -Collaborate with IT leadership and stakeholders to assess risk and define security priorities. -Conduct risk assessments and vulnerability scans; manage remediation efforts. -Promote security awareness across the organization through training and communication. -Oversee Entra ID (Azure AD) identity and access management, including Conditional Access and Privileged Identity Management (PIM). -Ensures implementation of secure operating systems, networks and databases for the organization. -Conduct monthly Attack Simulations -Develop and maintain playbooks for automated response in Sentinel and Defender. -Implement and maintain Microsoft Purview for data governance, compliance, and information protection. -Ensure compliance with industry standards (e.g., NIST, GDPR, LGPD, DORA, other local data privacy laws). -Develop and execute the organization’s cybersecurity strategy aligned with business goals. -Manage and monitor Microsoft Sentinel for threat detection, incident response, and log analytics. -Conduct regular reviews of security configurations and policies across Microsoft 365 and Azure environments. -Coordinate with internal teams and external partners during security incidents and investigations. -Lead the cybersecurity team, providing mentorship, guidance, and performance management.

Requirements

• 3 years
• 5 years
• university degree

What You Bring

-3 Years Required; 5 Years Preferred -University (Degree) Preferred

People Also Searched For

About Nuveen, A Tiaa Company

-A global leader in asset management with expertise across fixed income, equities, and real estate. -Specializes in delivering innovative investment strategies for individuals, institutions, and those seeking long-term financial security. -Maintains a robust global footprint with operations across North America, Europe, and Asia. -Provides comprehensive portfolio management across sectors such as real estate, energy, and infrastructure. -Committed to sustainable growth and leverages deep market insights to create tailored solutions for clients. -Demonstrates a strong track record in both public and private markets, consistently helping clients achieve their financial goals.

Sector Specialisms