Cybersecurity Defense Analyst

About the role

We are seeking a Cybersecurity Defense Analyst to help shape the way our AI systems generate security guidance. In this fully remote, flexible contract position you will evaluate and improve AI‑produced content such as threat analyses, incident response plans, and defensive architecture recommendations, ensuring they are accurate, actionable, and safe for real‑world use.

Key responsibilities

• Review AI‑generated cybersecurity content—including threat analyses, remediation steps, security configurations, and defensive strategies—for technical accuracy and practical applicability.
• Identify dangerous errors, outdated practices, misconfigurations, and misleading advice in AI outputs.
• Assess whether AI‑generated incident response plans, detection rules, and hardening guides would function effectively in production environments.
• Design realistic cybersecurity scenarios and prompts to stress‑test AI capabilities and uncover blind spots.
• Provide structured, detailed feedback on the completeness, safety, and correctness of AI‑generated security guidance.
• Evaluate code snippets, scripts, and tool configurations related to defensive security for best‑practice compliance.
• Work independently on your own schedule, delivering reviews asynchronously.

Required profile

• Hands‑on experience in one or more cybersecurity defense areas such as network security, endpoint protection, SIEM/SOC operations, incident response, vulnerability management, cloud security, or identity and access management.
• Strong understanding of common attack frameworks (e.g., MITRE ATT&CK, kill‑chain methodology) and defensive countermeasures.
• Ability to critically evaluate technical security recommendations and spot errors that could cause real harm.
• Excellent written communication skills for clear, concise explanations of complex security concepts.
• Detail‑oriented, methodical, and self‑motivated when working without supervision.

Required skills

• Network security
• Endpoint protection
• SIEM and SOC operations
• Incident response
• Vulnerability management
• Cloud security
• Identity and Access Management (IAM)
• MITRE ATT&CK framework
• Firewalls
• IDS/IPS
• Endpoint Detection and Response (EDR)
• Vulnerability scanners