Job Description:
SynthWeb is looking for a Cybersecurity Data Scientist / Security Analytics Engineer who can combine advanced data analytics, data science, and AWS cloud expertise to strengthen our cybersecurity intelligence, threat detection, and risk analytics capabilities.
This role is designed for professionals who enjoy working at the intersection of cybersecurity, big data, and cloud infrastructure. The ideal candidate will analyze large-scale security datasets, develop intelligent analytics models, and build scalable cloud-based solutions that enable data-driven cybersecurity decision-making across SynthWeb’s technology and security initiatives.
The Cybersecurity Data Scientist will play a key role in transforming raw security data into actionable intelligence. This includes building data pipelines, developing threat detection models, analyzing attack patterns, and helping security teams identify risks before they become incidents. The role will also support the development of advanced analytics frameworks that improve visibility into threats, vulnerabilities, and operational security metrics.
You will work closely with cybersecurity engineers, cloud architects, and leadership teams to design and implement modern security analytics solutions that leverage AWS cloud services, machine learning techniques, and scalable data platforms. This position offers the opportunity to directly contribute to the creation of intelligent security systems that strengthen SynthWeb’s ability to detect threats, reduce risk, and protect critical infrastructure.
In addition to analytics and engineering work, the role also involves improving security monitoring processes, supporting threat hunting activities, and enabling automated security insights across the organization. The Cybersecurity Data Scientist will help ensure that SynthWeb’s cybersecurity strategy is backed by strong data analysis, predictive modeling, and efficient cloud-based infrastructure.

Why Join SynthWeb?
- Work on Advanced Cybersecurity Analytics:
Be part of a team that develops innovative security intelligence systems using modern data analytics, machine learning, and cloud technologies to detect and prevent cyber threats.
- Unique Combination of Data Science and Cybersecurity:
This role brings together data science, analytics, cloud infrastructure, and cybersecurity operations, giving you the opportunity to work on multidisciplinary challenges that few roles offer.
- High Ownership and Real Impact:
At SynthWeb, you will have the opportunity to take ownership of critical cybersecurity analytics initiatives and contribute directly to the organization’s security posture and risk management strategy.
- Work in a Growing Technology Company:
Join a fast-growing environment where your ideas, technical solutions, and innovations can have a meaningful and visible impact on the organization.
- Build Security Intelligence Systems from the Ground Up:
Help design and implement scalable security analytics frameworks, automated threat detection models, and cloud-based data platforms that power next-generation cybersecurity operations.
- Continuous Learning and Career Growth:
Gain exposure to modern cybersecurity technologies, large-scale data platforms, and cloud security practices while working with experienced professionals in a collaborative environment.
Nice to Have as a Cybersecurity Data Scientist / Security Analytics Engineer
- Experience with SIEM Platforms:
Hands-on experience working with security monitoring and analytics tools such as Splunk, IBM QRadar, Microsoft Sentinel, or Elastic Security for log analysis, threat detection, and security event correlation.
- Exposure to SOAR Platforms:
Familiarity with Security Orchestration, Automation, and Response (SOAR) tools that help automate incident response workflows and improve security operations efficiency.
- Security or Cloud Certifications:
Relevant certifications that demonstrate expertise in cybersecurity and cloud security environments, including:
  - AWS Security Specialty
  - Certified Ethical Hacker (CEH)
  - CompTIA Security+
  - GIAC Certified Intrusion Analyst (GCIA)
  - GIAC Certified Incident Handler (GCIH)
These certifications indicate strong foundational knowledge in security analysis, incident response, and cloud security best practices.
In this role, you will collaborate closely with cybersecurity engineers, cloud architects, data teams, and leadership to ensure that security insights are integrated into broader technical and business decision-making processes. Your work will help bridge the gap between raw security data and actionable intelligence, enabling teams to respond to threats faster and with greater accuracy.

Responsibilities:
- Analyze large volumes of security logs, alerts, and event data from SIEM, SOC, firewalls, IDS/IPS, and endpoint tools
- Identify anomalies, attack patterns, trends, and indicators of compromise (IOCs)
- Develop dashboards and reports for threat monitoring, incident analysis, and risk visibility
- Support security and engineering teams with actionable insights
2. Data Science & Security Intelligence
- Design and build statistical, ML, or rule-based models for anomaly detection, threat prediction, and risk scoring
- Apply data science techniques to behavioral analytics, fraud detection, and security event correlation
- Improve detection accuracy and reduce false positives through continuous model refinement
- Support threat intelligence enrichment and correlation efforts
3. AWS Cloud & Security Analytics
- Design, deploy, and manage AWS-based data and analytics platforms for cybersecurity use cases
- Work with services such as S3, EC2, Lambda, Glue, Athena, Redshift, Kinesis, CloudWatch, GuardDuty, Security Hub, CloudTrail, and IAM
- Ensure scalability, performance, security, and cost optimization
- Follow AWS cloud security best practices
- Build and maintain secure ETL/ELT pipelines for ingesting and transforming security data
- Integrate data from multiple sources including cloud platforms, APIs, and security tools
- Ensure data quality, normalization, retention, and availability
5. Reporting, Visualization & Insights
- Create dashboards and visualizations using tools such as QuickSight, Power BI, Tableau, or Grafana
- Translate complex security data into clear insights for technical and non-technical stakeholders
- Deliver regular reports on security posture, threat trends, and risk metrics
- Support incident response, investigations, and threat-hunting activities using analytics-driven insights
- Assist in root cause analysis and security event prioritization
- Continuously improve detection logic and analytics workflows
7. Compliance, Governance & Best Practices
- Ensure analytics workflows align with security standards and compliance requirements (ISO 27001, SOC 2, GDPR, etc.)
- Implement secure access controls, encryption, logging, and monitoring
- Document architectures, data flows, models, and processes
8. Cross-Functional Collaboration & Ownership
- Collaborate with security, cloud, engineering, and product teams
- Take ownership of analytics outcomes and continuous improvement initiatives
- Stay updated on emerging cyber threats, attack techniques, and security analytics trends
Preferred Qualifications:
- Strong understanding of SOC operations, SIEM, incident response, threat intelligence, and vulnerability management
- Familiarity with frameworks such as MITRE ATT&CK
- Strong proficiency in Python and SQL
- Experience with data analysis and ML libraries (Pandas, NumPy, Scikit-learn)
- Experience with anomaly detection, classification, clustering, or time-series analysis
AWS & Cloud
- Hands-on experience with AWS cloud services
- Knowledge of AWS security services (GuardDuty, Security Hub, CloudTrail, IAM)
- Understanding of cloud-native security architectures
