Cybersecurity Analyst at Level
Join Level as a Cybersecurity Analyst
Are you a skilled and motivated Cybersecurity Analyst ready to make a significant impact protecting innovative learning technology? Level is building engaging and effective educational experiences, and we need your expertise to secure our mission-critical systems and data.
About Level: Empowering Learning Through Technology For students: Rewarding and motivating learning experiences that meet students where they are, fostering true academic proficiency. We are deeply committed to helping every person maximize their potential and live a life of meaning. This is a complex challenge that demands brilliant people and sustained effort. Join us in building a secure foundation for the future of learning. The Role: Cybersecurity Analyst What You Will Do: Proactively monitor and analyze security alerts and events across our SIEM, EDR, and network monitoring platforms. What You'll Bring: 3-5 years of hands-on experience in a cybersecurity analyst, SOC analyst, or similar technical security role. Bonus Points for: CompTIA Security+ (strongly preferred), CySA+, or an equivalent certification.
Level is a learning technology company dedicated to helping students build real academic and life skills with confidence and joy. We combine proven curriculum principles with world-class interactive design, making meaningful practice something students eagerly return to, not something they struggle through.
We amplify the efforts of teachers, schools, and parents by increasing student engagement with high-quality, standards-aligned practice that reinforces classroom learning. Our impact extends to:
For educators: Intuitive tools that seamlessly integrate into instruction, boost student engagement, and reduce teacher workload.
For parents: Activities that empower your child to catch up or get ahead, build confidence, and minimize homework battles, whether learning at school or at home.
Level is seeking a hands-on Cybersecurity Analyst to join our dynamic security team. Reporting to the Director of Cybersecurity, you will be a key contributor to our day-to-day security operations, playing a critical role in safeguarding our organization's systems, networks, and data against evolving cyber threats. This role demands a strong foundation in security monitoring, threat detection, incident response, and endpoint security, working across network security, cloud environments, and endpoint management tools.
Investigate security incidents, anomalies, and potential threats to accurately determine their scope and impact.
Continuously tune and maintain detection rules, alerts, and dashboards to reduce false positives and improve detection fidelity.
Conduct proactive threat hunting activities to identify indicators of compromise (IOCs) and attacker tactics, techniques, and procedures (TTPs).
Participate actively in all phases of incident response, including containment, eradication, and recovery, meticulously documenting timelines and remediation actions.
Assist in the development and ongoing maintenance of comprehensive incident response playbooks, runbooks, and escalation procedures.
Administer and optimize endpoint security tools, including EDR/antivirus platforms, and support Mobile Device Management (MDM) operations.
Manage identity and access controls, enforce Role-Based Access Control (RBAC) policies, and conduct regular access reviews to ensure least privilege.
Monitor network traffic and logs for suspicious activity, and assist in maintaining robust firewall rules and network segmentation.
Support the implementation of Zero Trust principles and least-privilege enforcement across our infrastructure.
Monitor cloud environments (Azure, AWS, or GCP) for misconfigurations and policy violations, ensuring secure cloud posture.
Assist with vulnerability scans, remediation tracking, and compliance assessments (e.g., NIST CSF, SOC 2, CIS Controls).
Collaborate closely with development and IT operations teams to integrate security seamlessly into CI/CD pipelines (DevSecOps).
Assist with third-party risk management and security audits to ensure partner security alignment.
Need to Have:
Solid understanding of security monitoring, log analysis, and practical experience with SIEM platforms.
Proven experience participating in incident response activities, including thorough investigation and effective remediation.
Working knowledge of network security fundamentals: TCP/IP, firewalls, DNS, VPNs, IDS/IPS.
Hands-on experience with endpoint security platforms and EDR tools.
Experience with MDM platforms for device management and policy enforcement.
Strong understanding of RBAC and IAM principles in enterprise environments.
Familiarity with Zero Trust concepts and their practical enterprise application.
Basic cloud security knowledge in at least one major cloud provider: Azure, AWS, or GCP.
Familiarity with DevSecOps principles and secure SDLC practices.
Strong analytical and problem-solving skills with exceptional attention to detail.
Based in Austin, TX, or willing to relocate prior to the start date.
Microsoft Certified: Security Operations Analyst Associate (SC-200) or Azure Security Engineer Associate (AZ-500).
Certifications such as CEH, GIAC GSEC, GCIA, or GCIH.