Important Notice: This is an entry-level role. Candidates with more than two (2) years of relevant professional experience will not be considered.
CyberMSI is a U.S.-based managed XDR and compliance firm built to stop cyberattacks before business disruption happens. We've an "AI + analyst-on-the-loop" SOC model where AI moves at machine speed while analysts remain accountable for decisions that impact the business.
Powered by Microsoft Unified Security Operations using Microsoft Defender XDR and Microsoft Sentinel SIEM, we protect AI agents, identities, apps, data, endpoints, multi-cloud, and third-party access.
We use AI to accelerate correlation of attack signals, enable rapid threat containment, and execute response actions or approval workflows based on real business context, not generic playbooks.
Our difference is not AI-based automation alone; it is Accountable & Intelligent automation.
We’re growing fast and need a high-performing AI Threat Validation Analyst to validate the findings of AI-assisted SecOps agents, ensuring accuracy, context, and appropriate decision-making. This role focuses on confirming the results of automated investigations, refining AI-generated insights, and supporting the operationalization of Microsoft Defender XDR + Sentinel SIEM detection and response workflows. Analysts in this role play a critical part in maintaining high-quality security outcomes and bridging automation with human expertise.
What you’ll do:
- Validate SecOps agent investigations by thoroughly reviewing the incident attack story, associated alerts, involved entities, and correlated signals to ensure accuracy and completeness.
- Ensure SecOps agents and automated workflows executed correctly without technical issues, verifying that investigations ran smoothly and results are reliable.
- Confirm the accuracy of incident verdicts by identifying false positives, incomplete investigations, or incorrect threat classifications.
- Perform deeper analysis when required, including URL detonation or sandboxing, file analysis, and reviewing customer inventory and context to ensure findings are accurate and relevant.
- Validate and apply Incident Management (IM) tags correctly, and approve, modify, or reject automated findings before escalation or response.
What you’ll bring:
- Strong understanding of fundamental cybersecurity operations and incident analysis.
- Familiarity with SIEM and XDR platforms, preferably Microsoft Defender XDR, Sentinel SIEM and SOAR capabilities.
- Solid knowledge of common cyber threats and attack techniques based on MITRE ATT&CK®.
- Strong analytical thinking and attention to detail with the ability to validate and challenge automated findings.
- Clear, professional written and verbal communication skills.
- Relevant certification such as SC-200 is desirable.
What we’ll offer:
- Market competitive base pays and bi-yearly performance-based bonuses.
- Monthly allowances for health insurance, laptop, and internet.
- Paid time off for up to 20 days every year plus all government holidays.
- Opportunity to work internationally from CyberMSI’s locations in the USA, UAE, and other locations through intra-company assignments.
- Ongoing training on latest cybersecurity and AI technologies.
- Reimbursements for relevant cybersecurity certifications.