Role Overview

Serving in the role of Associate Analyst, you will join Vectra’s MXDR team and support the monitoring, investigation, and analysis of cyber threats affecting customer environments. Working alongside experienced analysts, you will help identify suspicious activity, investigate alerts, and contribute to security operations activities across a wide range of enterprise environments.

In this role, you will develop hands-on experience with modern detection and response technologies, including network detection and response (NDR), endpoint detection and response (EDR), and cloud-based security tooling. You will learn how attackers operate within enterprise networks, how to identify malicious behavior, and how to communicate findings clearly and effectively to customers and internal teams.

As part of the Vectra MXDR organization, you will assist with alert triage, threat validation, escalation activities, and investigation support while continuously developing your technical and analytical skills. This is a customer-facing operational security role that requires curiosity, strong problem-solving abilities, and a passion for cybersecurity and threat detection.

Successful candidates will be eager to learn, comfortable working in fast-paced environments, and motivated to grow within a collaborative security operations team.

When not actively engaged in investigations, Associate Analysts are encouraged to participate in training, lab exercises, threat research, operational improvement initiatives, and knowledge-sharing activities that help strengthen both the team and customer outcomes.

Your role at a glance

• Monitor and triage security alerts across customer environments using the Vectra platform and integrated security tools
• Assist in investigating suspicious activity, indicators of compromise, and potential attacker behavior
• Support senior analysts during active investigations and incident response activities
• Help document investigation findings, timelines, recommendations, and remediation guidance
• Learn to analyze network traffic, endpoint telemetry, and security alerts to identify malicious or abnormal behavior
• Collaborate with team members to escalate confirmed threats and support customer communications
• Contribute to operational improvement initiatives, knowledge sharing, and process documentation
• Participate in threat-hunting activities, training exercises, and continuous learning opportunities
• Develop familiarity with attacker tactics, techniques, and procedures (TTPs) and modern security operations workflows
• Build strong technical and communication skills while working closely with experienced analysts and customers
• Travel expected 0–5%

To be successful in your new role, you have

• Strong interest and passion for cybersecurity, threat detection, and security operations
• Foundational understanding of networking, operating systems, and general security concepts
• Curiosity, analytical thinking, and a willingness to investigate and solve technical problems
• Ability to communicate clearly and professionally with both technical and non-technical audiences
• Strong organizational skills and attention to detail
• Ability to learn quickly, adapt to changing priorities, and work collaboratively within a team environment
• Academic, internship, lab, Capture The Flag (CTF), home-lab, or personal project experience related to cybersecurity is highly valued

The technical essentials

• Basic understanding of networking concepts and protocols such as TCP/IP, DNS, DHCP, VPN, and HTTP/S
• Familiarity with Windows and/or Linux operating systems
• Basic understanding of cybersecurity concepts including malware, phishing, lateral movement, authentication, and common attack techniques
• Exposure to security technologies such as SIEM, EDR, firewalls, or monitoring platforms through coursework, labs, internships, or personal projects
• Familiarity with packet analysis tools such as Wireshark or similar tools is a plus
• Interest in learning how to investigate alerts, analyze telemetry, and identify suspicious behavior
• Exposure to scripting or automation concepts using Python, PowerShell, or similar technologies is beneficial

Experience that impresses us as a plus

• Experience 1-3 Yrs
• Hands-on experience through internships, university projects, personal labs, or cybersecurity competitions
• Participation in Capture The Flag (CTF) events, cyber ranges, or threat-hunting exercises
• Familiarity with cloud platforms such as AWS or Azure
• Exposure to EDR technologies such as CrowdStrike, Microsoft Defender for Endpoint (MDE), or SentinelOne
• Relevant certifications such as Security+, Network+, SC-200, CySA+, or equivalent coursework
• Interest in AI-assisted security operations, automation, or emerging security technologies