
Cybersecurity Analyst

KPI Solutions
Posted 12 hours ago, valid for a day
Location

Cincinnati, OH 45273, US

Salary

Competitive

Contract type

Full Time

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.


Sonic Summary

  • The Cybersecurity Analyst at KPI Solutions is responsible for the day-to-day management of the information security program, including 24/7 threat detection and incident response.
  • Candidates should possess a BS/BA in a related field and have progressive experience in software or automation environments, with hands-on experience in administering security tools like SIEM/EDR and Microsoft Defender.
  • The role requires strong organizational and communication skills, and familiarity with SOC 2 Type 2 evidence collection is preferred.
  • The position offers a competitive salary ranging from $80,000 to $100,000, depending on experience, and typically requires 3-5 years in a similar role.
  • KPI Solutions provides various benefits, including medical, dental, vision insurance, a 401(k) retirement plan, and opportunities for training and development.

The Cybersecurity Analyst is the operational owner of KPI Solutions' day-to-day information security program. The role provides 24/7 detection, analysis, response, containment, and remediation of threats directed against KPI, and serves as the principal technical contact for KPI's security tooling (SIEM/EDR, email security, MDM, IAM, PAM) and for KPI's compliance programs (SOC 2 Type 2 plus partner and internal policy frameworks).  The Analyst partners with IT Operations/Infrastructure, IT Compliance, business units, vendors, and clients to continuously strengthen KPI's security posture. 

Essential Job Duties 

Threat & Incident Response 

  • Monitor SIEM/alerts (Rapid7 InsightIDR, Microsoft Defender, Abnormal Security) on a 24/7 basis across KPI networks, servers, cloud platforms, and endpoints. 
  • Monitor for and respond to security alerts; perform first-level triage, containment, and isolation/restoration of affected systems. 
  • Conduct intrusion detection analysis, correlate events across systems, and document formal technical incident reports (e.g., Jira incident write-ups). 
  • Lead investigations of phishing, account compromise, and token-theft events, including mailbox review, removal of malicious inbox rules, and data-exposure assessment. 
  • Coordinate Security Incident Follow-up cadence with MDR/MSSP partners and execute response playbooks. 

SOC 2 & Audit Readiness 

  • Provide control evidence to auditors and supply logs, screenshots, and exported configurations on request. 
  • Serve as the primary technical contact for the SOC 2 Type 2 audit and the Ares Cyber Program quarterly reviews. 
  • Maintain logs and reports required for ongoing audit readiness and remediation tracking. 

Privileged Access Management (PAM) 

  • Define PAM policies and implement supporting tooling. 
  • Perform recurring privileged-access reviews, monitor usage/logs, and track exceptions. 
  • Review and approve or deny privileged access requests. 

Device & Patch Management 

  • Define endpoint security baselines and track policy compliance across managed devices. 
  • Monitor EDR/NGAV coverage and disk encryption (BitLocker, USB encryption) and maintain audit trail. 
  • Partner with IT Operations and Compliance to validate Intune/ManageEngine patch deployment and address vendor-reported critical vulnerabilities. 

Mail & DNS Security 

  • Design and maintain SPF/DKIM/DMARC, tune phishing filters (Abnormal/Defender), and track mail security settings. 
  • Investigate mail-borne threats, manage quarantine release decisions, and ensure audit coverage of mail security controls. 

Backups & Disaster Recovery 

  • Review backup security configurations, validate encryption, and participate in DR testing. 
  • Log DR test results and prepare related audit artifacts. 

Network Security 

  • Define network segmentation requirements and ensure segmentation policy is enforced. 
  • Maintain audit evidence for VLAN/firewall configurations and tune IDS/IPS/SIEM detections. 

Asset Tracking 

  • Classify critical assets, maintain the asset control matrix, and map assets to audit scope. 
  • Flag unmanaged or "Not Monitored" devices and drive remediation. 

Data Loss Prevention (DLP) 

  • Tune DLP rules, deploy/maintain agents, and review DLP incidents. 
  • Partner with the Compliance Analyst to identify client data and intellectual property requiring protection. 

MDM / MAM 

  • Enforce app protection and configure Intune/MDM device compliance policies. 
  • Track enrollment status and monitor access from managed devices. 

Identity & Access Management 

  • Drive SSO rollouts and conditional access design via Microsoft Entra. 
  • Perform monthly roster / ADP-to-AD reconciliation and produce active employee/contractor lists for leadership and audit. 
  • Audit offboarding to ensure terminated accounts remain disabled. 
  • Monitor for non-compliant platform usage and intervene as required to ensure compliance with KPI policies. 

Security Awareness 

  • Run phishing simulations (Microsoft Attack Simulation) and assign role-based training through KnowBe4, including Snyk for engineering staff. 
  • Customize training content, track completion, escalate non-completion, and share threat trends with the organization. 

Policy, Documentation & Reporting 

  • Author and maintain enterprise security documents (policies, standards, baselines, guidelines, procedures) in Vanta, including the Incident Response Plan and Operations Security Policy. 
  • Compile and analyze data for management reporting, KPIs, and the Monthly Vulnerability & Risk Register Review and Weekly Threat Intelligence Review. 
  • Monitor threat intelligence feeds and apply MITRE ATT&CK and similar frameworks to identify TTPs. 

Vendor & Tool Management 

  • Serve as technical evaluator and primary point of contact for security vendors (Rapid7, Insight Assurance, Abnormal, KnowBe4, Intrust IT, Securden, Vanta, JFrog, Salesforce Security). 
  • Coordinate penetration testing engagements and review deliverables. 

Required Education, Skills and Experience 

  • BS/BA in Computer Science, Electrical Engineering, Information Security, or related field. Equivalent experience will be considered. 
  • Progressive experience in software, automation, or logistics environments characterized by service, employee engagement, and a culture of accountability. 
  • Hands-on experience administering SIEM/EDR (Rapid7 preferred), Microsoft Defender, Abnormal Security or comparable email security, KnowBe4 or comparable SAT platform, Intune, and a PAM tool such as Securden. 
  • Working knowledge of SOC 2 Type 2 evidence collection and audit support. 
  • Strong organizational, project management, and written/oral communication skills; ability to build relationships and establish trust at all levels. 
  • High ethical and professional standards; self-starter, decisive, high energy. 

Skills and platform experience considered a plus: 

  • Microsoft Purview / Data Protection 
  • Microsoft Intune 
  • Rapid7
  • MS O365 / Azure 
  • SharePoint 
  • Vanta 
  • MITRE ATT&CK proficiency 
  • Industry cybersecurity certifications (Security+, CySA+, CISSP, etc.) 

Supervisory Responsibilities 

This position manages projects, vendors, and contractors supporting the cybersecurity and compliance programs. 

Other Requirements

  • Position is preferred onsite in one of our offices: Cincinnati, OH or Kansas City, MO. 
  • Occasional travel to KPI offices or client sites. Typically, travel will be less than 10%. 

Acknowledgement 

Please note that this job description is intended to describe the general nature and level of work being performed by the employee(s) assigned to this job. The content contained therein is not intended to represent an exhaustive list of all duties, responsibilities, and activities required. Duties, responsibilities, and activities may change at any time, with or without notice, and additional work may be assigned as appropriate.

What we Offer:

    • Medical Insurance
    • Dental Insurance
    • Vision Insurance
    • Health Care Concierge Service
    • 401(k) Retirement Plan (Pre-tax & Roth)
    • Company paid Basic Life Insurance, Short-Term Disability & Long-Term Disability
    • Voluntary Life & AD&D Insurance
    • Voluntary Accident, Critical Illness & Hospital Indemnity Insurance
    • Pet Insurance
    • Milk Stork Program
    • Wellness Program with gift card redemption and wellness challenges
    • Paid Time Off (Vacation, Sick & 10 Holidays)
    • Training & Development

Why KPI Solutions?

At KPI Solutions, you’ll be part of a team that values innovation, accountability, and continuous improvement. This is more than a reporting role—it’s an opportunity to make a measurable impact on project success and business performance.

KPI Solutions provides equal employment opportunity to all individuals regardless of their race, color, creed, religion, gender, age, sexual orientation, national origin, disability, veteran status, or any other characteristic protected by state, federal, or local law.



