Cyber Operations Analyst

Company Overview:

Hillwood, a Perot Company, is a premier real estate investment and development company founded on a culture of integrity, respect, excellence and teamwork. The company is a full-service real estate developer, investor and advisor focused on developing opportunities for investors, partners and communities around the world. See additional details at www.hillwood.com.

Position Summary:

Hillwood IT is seeking a Cyber Operations Analyst to join our team in Dallas, TX to support day-to-day security monitoring and operational activities across our business environment. This is an excellent opportunity for someone early in their cybersecurity career who is eager to learn, highly detail-oriented, and motivated to grow within a collaborative, hands-on team.

The Cyber Operations Analyst will serve as the first line of defense for security events, responsible for monitoring alerts, triaging activity, and supporting incident response efforts. You will follow established processes, document findings clearly, and escalate issues appropriately while gaining exposure to a broad range of security domains, including detection and response, identity governance, and vulnerability management.

This role offers meaningful hands-on experience and cross-functional exposure, requiring someone who is adaptable, curious, and comfortable contributing across multiple areas of cybersecurity operations.

Responsibilities:

Security Monitoring and Triage:

• Monitor and triage security alerts from tools such as SIEM, EDR/XDR, email security, identity systems, and other log sources.


• Perform initial analysis to determine alert validity, scope, and potential impact; identify false positives and document rationale.


• Gather and preserve relevant evidence (logs, endpoint data, email headers, timelines) and maintain clear case notes.

Incident Response Support and Escalation:

• Follow established playbooks/runbooks to handle common security events (phishing, malware alerts, suspicious logins, policy violations, etc.).


• Escalate confirmed or high-risk events to senior analysts/incident response leads with accurate context and recommendations.


• Assist with containment and remediation tasks under guidance (e.g., isolating endpoints, password resets, blocking indicators, opening IT tickets).

Ticketing, Documentation and Communication:

• Own your queue: update tickets promptly, meet internal SLAs, and communicate status clearly to the cyber team and IT partners.


• Document investigations thoroughly and consistently so others can pick up work seamlessly.


• Help maintain and improve cyber operations documentation (runbooks, SOPs, contact lists, alert tuning notes).

Operational Support and Continuous Improvement:

• Support routine checks and operational tasks (sensor/agent health, log onboarding validation, dashboard checks, basic reporting).


• Help identify patterns that indicate recurring issues and propose improvements (alert tuning, new detections, process changes).


• Participate in periodic table-top exercises, lessons learned, and process refinement efforts.

Risk Reduction and Security Support:

• Assist with vulnerability management coordination (tracking findings, validating remediation, communicating with system owners).


• Support phishing response and user-reported security concerns; help with awareness follow-ups and lessons learned.


• Contribute to audits/questionnaires by gathering evidence and maintaining organized records (under supervision).


• Collaborate closely with IT (networking, systems, help desk) and business partners to ensure security supports business outcomes.

Identity Governance and Administration (IGA) Support:

• Support joiner/mover/leaver (JML) processes to ensure timely and accurate access provisioning and de-provisioning.


• Assist with access reviews and certification campaigns, tracking completion and following up on outstanding items.


• Help maintain RBAC models and entitlement structures within the IGA platform.


• Monitor and triage IGA alerts and exceptions, including orphaned accounts and access conflicts.


• Escalate anomalies and support audit requirements for identity-related controls.

Required Skills and Abilities:

• Strong attention to detail and ability to follow defined processes while applying sound judgment.


• Clear written and verbal communication skills, including the ability to document technical findings for varied audiences.


• High level of integrity and ability to handle sensitive information with discretion.


• Ability to manage multiple priorities in a team-oriented, fast-paced environment.


• Foundational understanding of cybersecurity concepts, including phishing, malware, MFA, and least privilege.


• Familiarity with industry frameworks such as MITRE ATT&CK and NIST CSF.


• Demonstrated curiosity and willingness to learn.


• Exposure to one or more of the following is preferred:


• Networking fundamentals (TCP/IP, DNS, HTTP/HTTPS, VPN)


• Windows security concepts (accounts, permissions, event logs)


• SIEM and/or EDR/XDR tools (e.g., Microsoft Defender)


• Vulnerability management tools (e.g., Rapid7)


• Microsoft 365 / Entra ID security concepts

Education and Experience:

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent experience).


• 2–4 years of experience in IT, cybersecurity, SOC, help desk, systems administration, or a related internship/academic role.


• Relevant certifications (or in progress), such as Security+, Network+, or Microsoft security fundamentals (AZ-900, SC-900).

Benefits Highlights:

• Medical, dental, and vision insurance options


• Flexible Spending Accounts (FSA) or Health Savings Accounts (HSA) dependent on plan elections


• Paid time off, holidays, and floating holidays


• Paid parental and family caregiver leave


• Mental health and wellness resources


• Life insurance and disability coverage


• 401(k) retirement plan with company match


• Additional programs to support Associates and their families

EEO Statement:

Hillwood is committed to providing Equal Opportunity in Employment, to all applicants and employees regardless of race, color, religion, gender, age, national origin, military status, veteran status, handicap, physical or mental disability, sexual orientation, gender identity, genetic information or any other characteristic protected by law.