
Cybersecurity Rotational Program Jobs in Indiana

... rotation guidance, evidence collection, post incident documentation, and client communication ... Support vulnerability scanning programs by helping interpret results, tracking remediation, and ...

Leadership Academy - Training Programs for Professional Growth. What Will You Be Doing? Service ... Coordinate support coverage schedules, on-call rotations, and escalation management. Technical ...

Senior Controls Engineer

Indianapolis, IN

$92.70K - $122.40K/yr

Participates in the on-call rotation to provide off shift / weekend support to production, as ... Support key initiatives such as information management, cyber security, and life cycle management.

Cybersecurity Rotational Program information

What are the key skills and qualifications needed to thrive in a Cybersecurity Rotational Program, and why are they important?

To thrive in a Cybersecurity Rotational Program, you need a solid understanding of information security principles, risk assessment, and IT fundamentals, often supported by a degree in computer science or a related field. Familiarity with security tools such as firewalls, SIEM systems, and vulnerability scanners, along with certifications like CompTIA Security+ or CISSP, is commonly expected. Strong analytical thinking, adaptability, and effective communication skills help you navigate diverse teams and rapidly changing threats. These skills and qualities are essential for quickly learning new domains, contributing to multiple projects, and effectively protecting organizational assets.

What types of projects and responsibilities can I expect during a Cybersecurity Rotational Program?

During a Cybersecurity Rotational Program, you will typically rotate through several key areas such as threat analysis, incident response, vulnerability management, and security operations. Each rotation provides hands-on experience with real-world security challenges, allowing you to collaborate closely with cross-functional teams like IT, compliance, and risk management. You can expect to participate in tasks like monitoring security alerts, conducting risk assessments, supporting cybersecurity audits, and assisting in the development of security policies. This structure is designed to give you a broad foundation and help you identify your preferred specialization within cybersecurity.

What is a Cybersecurity Rotational Program?

A Cybersecurity Rotational Program is a structured early-career development program offered by some organizations, typically lasting 1-3 years. Participants rotate through several cybersecurity departments or roles, such as threat analysis, incident response, risk management, and security operations. This approach allows individuals to gain broad experience, develop a diverse skill set, and build a network within the company. Upon completion, participants often move into a more specialized cybersecurity position based on their interests and strengths.

What is the difference between a Cybersecurity Rotational Program and a Cybersecurity Analyst?

| Aspect | Cybersecurity Rotational Program | Cybersecurity Analyst |
| --- | --- | --- |
| Credentials | Typically requires a bachelor's degree in cybersecurity, IT, or related fields; certifications like CompTIA Security+ are common | Often requires similar degrees and certifications; Security+ or CISSP preferred |
| Work Environment | Rotates through different teams and projects within an organization, gaining broad experience | Focuses on monitoring, analyzing, and responding to security incidents within a specific team |
| Employer & Industry Usage | Used by large organizations for talent development; common in tech and finance sectors | Standard role across industries for maintaining security posture |

The Cybersecurity Rotational Program offers a broad, multi-faceted experience across various security functions, ideal for those seeking diverse exposure. In contrast, a Cybersecurity Analyst specializes in monitoring and defending against security threats within a specific area. Both roles require similar credentials but differ in scope and career focus.

Infographic showing various Cybersecurity Rotational Program job openings in Indiana as of May 2026, with employment types broken down into 1% Internship, 5% As Needed, 2% Full Time, 76% Part Time, 4% Temporary, and 12% Contract. Highlights an 83% Physical, 6% Hybrid, and 11% Remote job distribution.

Cybersecurity Analyst II

EXOS (formerly Sondhi Solutions)

Indianapolis, IN

Full-time

Posted 25 days ago


Job description

What You Will Do

The Cybersecurity Analyst II at EXOS CYBER is the escalation point for the SOC. You take the alerts and tickets that Tier 1 cannot fully resolve, drive them to a confident answer, and pass anything beyond standard playbooks to the Cybersecurity Engineers and Team Lead with a clear recommendation. You will support day-to-day security operations for our clients with a primary focus on security monitoring, detection, and incident response, working alongside senior security engineers and incident responders.

Beyond the queue, you play a deliberate role in helping mature the SOC by writing and refining playbooks, tuning detections in coordination with our Senior Engineer / Purple Team and AI Automation Engineer, and mentoring Tier 1. This is a hands-on, high-volume technical role designed for analysts with 3 to 6 years of experience who are ready to deepen their SOC skills while gaining broad exposure to a real-world MSSP detection and response stack across diverse client environments.

  • Monitor and triage security alerts across multiple client environments using SIEM, EDR, email security, and cloud security tools. Validate and investigate common alert types, determine impact, and recommend or execute initial response actions based on runbooks.

  • Take ownership of escalated alerts and tickets, drive them through full investigation, and either resolve or escalate to engineering with a recommended action. Escalations to senior responders include accurate context, evidence, and timelines.

  • Run point on confirmed true positive incidents within scope, including containment via SentinelOne, account isolation in Entra ID, credential rotation guidance, evidence collection, post-incident documentation, and client communication.

  • Analyze endpoint, identity, and network telemetry to identify suspicious activity, lateral movement, and persistence attempts.

  • Conduct phishing triage and support email-based threat investigations, including user impact assessment and remediation steps.

  • Partner with the Senior Engineers / Purple Team and AI Automation Engineer to identify noisy alerts, tune rules in the SIEM and EDR, and reduce false positive load through alert suppression and use case enhancements.

  • Execute scheduled hunts against client environments using SDL queries, EDR telemetry, and indicators from CTI feeds. Document findings and feed results back into detection engineering.

  • Support vulnerability scanning programs by helping interpret results, tracking remediation, and coordinating follow-ups with client IT teams.

  • Review escalations, give kind and direct feedback, run weekly walk-throughs of recent investigations, and contribute to Tier 1 onboarding curriculum.

  • Maintain thorough case notes, incident summaries, and client-ready communications in the ticketing system. Author the analytical narrative for monthly client reports covering what we saw, what it means, and what we recommend.


What You Have Done
  • 3+ years of experience in a SOC, incident response, MSSP, or security operations focused role or 2+ years post-Tier 1 in a comparable role

  • Demonstrated investigation skills across endpoint, identity, email, and network telemetry.

  • Working command of an EDR (SentinelOne, CrowdStrike, or Defender for Endpoint) and a SIEM (Blumira, Sentinel, Splunk, or QRadar) at the query-and-pivot level.

  • Familiarity with common log sources such as Windows event logs, Active Directory, Azure AD or Entra ID, firewall, VPN, DNS, and email security logs.

  • Practical scripting in PowerShell and/or Python for investigation, log parsing, and lightweight automation.

  • Experience triaging phishing, malware, suspicious authentication activity, and policy or misconfiguration-driven alerts

  • Working knowledge of incident response lifecycle, escalation criteria, and evidence preservation

  • Ability to prioritize effectively in a multi-client environment and manage multiple active cases without losing quality

  • Strong documentation habits with the ability to produce clear, client-ready updates and incident summaries

  • Solid fundamentals in TCP/IP, DNS, HTTP/S, Windows and Linux concepts, and identity and access management

  • Experience with ticketing systems and meeting SLAs for response, escalation, and customer communication

  • Relevant certifications such as CompTIA Security+, CySA+, Microsoft security fundamentals, or equivalent experience preferred


Preferred Qualifications

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related discipline. Equivalent military training or certifications considered.

  • CompTIA CySA+, GIAC GCIH, GIAC GCFA, GIAC GCDA, BTL2, or equivalent.

  • Prior MSSP experience, especially in a multi-tenant ticketing model (ConnectWise, Autotask, ServiceNow, etc.).

  • Familiarity with Sigma rules, KQL, or SentinelOne / Blumira query syntax.

  • Experience with SOAR or rules-based automation; comfort working alongside an AI Automation Engineer to operationalize playbooks.

  • Exposure to vulnerability management workflows (ConnectSecure, Tenable, Qualys, or similar) and pentesting output review (NodeZero or comparable).

  • Experience with MITRE ATT&CK Framework

  • Hands-on lab experience: TryHackMe, LetsDefend, Blue Team Labs, or home-lab portfolio.

  • Experience in proactive Cyber Threat Hunting activities