About the role
About PFX™
We engineer leading fluid solutions that keep the world moving and we’re building a better future while we do it. As a vertically integrated global powerhouse, we operate 17 manufacturing facilities and 4 R&D centers across the world, delivering performance from lab to road in over 40 countries.
PFX Group™ brings together a family of trusted companies including Recochem, Prestone, Adam’s Polishes, Kost USA, Ultra Clear, POR and Auto-Chem, each with deep expertise, regional insight, and a shared commitment to engineering excellence.
From automotive and heavy-duty thermal management systems to household and industrial solutions, our products are built for performance, reliability, and a commitment to sustainability. Join us and be part of a team that’s redefining what’s possible in fluid technology.
Role Overview
The Junior Cybersecurity Analyst supports daily security-operations activities across our hybrid environment (Azure, Microsoft 365, on-prem). Guided by senior analysts, you will monitor alerts, validate indicators of compromise, assist with incident response and threat hunting, contribute to vulnerability and risk assessments, and help harden email-security controls—all mapped to MITRE ATT&CK® and the Cyber Kill Chain®.
Key Responsibilities
Security Monitoring & Triage
- Review and triage Microsoft Sentinel alerts, endpoint telemetry and Fortinet firewall logs, escalating high-risk events.
- Validate IOCs (hashes, domains, IPs) against threat-intel sources and document findings.
Threat Hunting & Intelligence Support
- Participate in guided hunts using Sentinel workbooks and KQL queries aligned to ATT&CK tactics.
- Import STIX/TAXII feeds into Sentinel watchlists and enrich events with basic IOC and TTP context.
- Summarise emerging ransomware or vulnerability trends for weekly team briefings.
Incident Response Assistance
- Execute first-response playbook steps: evidence collection, endpoint isolation, malicious IP blocking and ticket updates.
- Maintain incident timelines and artifact repositories for senior analysts.
Vulnerability & Risk Assessments
- Run authorized vulnerability scans, export results and track remediation status with system owners.
- Assist in basic risk assessments of new applications or configuration changes, documenting potential impacts and mitigation steps.
Email Security & Anti-Phishing
- Review Microsoft Defender for Office 365 alerts, user-reported phishing emails and quarantine queues; escalate true positives.
- Support phishing-simulation campaigns and compile metrics for awareness reports.
Cloud & Identity Hygiene
- Verify MFA enforcement and baseline Conditional Access policies for new accounts.
- Review Azure sign-in logs for anomalies such as impossible travel or legacy authentication.
Documentation & Knowledge Management
- Update runbooks, detection-rule change logs and the internal knowledge base after each ticket or investigation.
Required Qualifications
- Minimum 1 year of hands-on experience in a SOC, security help-desk queue or similar IT-security role.
- Foundational knowledge of networking (TCP/IP, DNS), operating systems (Windows/Linux) and core security concepts.
- Exposure to at least one SIEM (preferably Microsoft Sentinel) and an EDR solution.
- Familiarity with MITRE ATT&CK, basic incident-response concepts, vulnerability scanning and email-security fundamentals.
- Ability to write or modify simple PowerShell, Bash or Python scripts for log parsing or automation.
- Coursework or certifications such as CompTIA Security+, Microsoft SC-900/SC-200, CEH or equivalent.
- Experience importing STIX/TAXII feeds, using threat-intel platforms or reviewing Microsoft Defender for Office 365 alerts.
- Familiarity with Azure AD/Entra ID security controls and Conditional Access.
- Strong proficiency in English; bilingualism is an asset.
About Recochem
Since 1951, Recochem has been by your side to make your journey as safe as possible, whether you are on the road, at home or at work.
At Recochem, we drive value for our customers and meet the unmet needs of our consumers; we excel in solutions for the automotive industry and in household products.
Our priority is to turn consumer feedback into innovation in order to drive category growth for our retailers through our powerful brands. Recochem is constantly innovating and growing… with more than ten plants in North America, Belgium, Australia, China, India and Asia-Pacific.
You have known and trusted our brands for decades: Rain-X UltraClair*, OEM, HD Expert, Shell*, Engine Ice, Turbo Power, H2Blu, Adam's Polishes, POR15, Solvable, Diggers, WinterProof, Absolute Zero. (* under license).
Our focus is the journey undertaken, not the destination.