Location: The company is Malta-based; however, you will be working remotely.
The Mission
At CyberSift, we don't just monitor alerts; we build the filters that stop the noise. We are an AI-driven security firm sitting at the intersection of Machine Learning and Threat Intelligence. As a Security Analyst, you won't just be staring at a dashboard; you will be the "Human in the Loop" for our proprietary security tools, hunting for advanced threats and helping us automate the future of defense.
What You'll Actually Do
- Proactive Threat Hunting: Use our customized ML-driven SIEM to hunt threats ranging from "living off the land" attacks to zero-day anomalies across a vast array of customer environments and complex digital infrastructures.
- Detection Engineering: Don't just follow playbooks, write them. You'll maintain and improve our install scripts and automation workflows to ensure our defense is always one step ahead.
- Offensive Pivot: We believe the best defenders know how to attack. You will participate in Red Teaming and Penetration Testing engagements for our tier-1 clients.
- Product Evolution: Work directly with our dev team to provide feedback on our ML models. If you see a way to make the product smarter, you'll have the autonomy to build it.
Who You Are
- The SIEM Specialist: You've spent 2+ years in a SOC environment and can navigate Elasticsearch/Kibana or any other SIEM.
- The Hunter: You can analyze Windows, Linux, and Firewall logs to reconstruct an attack narrative from raw data.
- The Scripter: You speak Python and Bash. If you have to do something twice, you've already automated it.
- Communicator: You can explain a complex exfiltration event to a C-level executive in clear English.
Perks & Culture
- Innovation in Action: We don't believe in static defense. You'll work at the front lines of our AI development, providing the "human-in-the-loop" feedback needed to suppress false positives and improve our proprietary sifting algorithms.
- The Pentesting Path: We provide a clear track for growth from SOC Operations into Offensive Security.
- Full Remote Autonomy: Work from anywhere while remaining part of a tight-knit core team.
- Shift Flexibility: This role operates on a rotating 24/7 schedule to ensure our global clients are always protected.