Forge Path Help Desk + Security Analyst (On-Site, Winchester VA) Norfolk, VA · Full time
Apply for Help Desk + Security Analyst (On-Site, Winchester VA)

Employment: Full-time, W-2 ForgePath employee Location: Winchester, VA. On-site at the client (160 Exeter Drive) 2–3 days per week — closer to 3. Remote the remainder. Reports to: ForgePath Security; coordinates day-to-day with the client's IT and security leadership

About Forge Path

Established in 2023, Forge Path delivers top-tier security consultancy and risk mitigation services. Forge Path brings industry experts to create robust compliance programs and strengthen operational security for commercial and government sectors. Headquartered in Norfolk, Virginia, with offices in Colorado, Idaho, and Massachusetts, we provide comprehensive security solutions nationwide. Our team includes thought leaders, security researchers, and ethical hackers passionate about innovation and crafting cutting-edge solutions.

Description

About the engagement

You will be embedded with our anchor CPA firm client, splitting your time roughly 50/50 between supplementing their internal help desk and working as a security analyst inside the security program ForgePath manages on their behalf. You will be ForgePath's hands-on presence in their office.

This is a great seat for someone who wants to grow into deeper security work without giving up the IT generalist skills that keep them sharp and useful.


Responsibilities

Help Desk (~50%)


  • Tier 1 / Tier 2 end-user support: workstations, accounts, productivity software, common application issues
  • Microsoft 365 administration (Exchange Online, Teams, SharePoint, Entra ID basics)
  • Hardware support, imaging, and provisioning alongside the client's IT team
  • Ticket queue ownership and triage


Security (~50%)


  • Vulnerability management: scan operations, finding triage, remediation tracking with IT and end users
  • Phishing simulation campaigns: planning, deployment, reporting, follow-up training
  • Security ticket triage and investigation (EDR alerts, email security, identity)
  • Incident response support under ForgePath senior leadership
  • Routine hygiene: access reviews, configuration checks, hardening tasks


Required

  • 2–4+ years across IT support / help desk / junior SOC or security analyst work (any combination)
  • Strong Microsoft 365 and Windows endpoint fundamentals
  • Familiarity with vulnerability scanning workflows — you don't need to be an expert, but you should know what a CVSS score is and how to drive a fix
  • Solid customer service instincts: patient, professional, willing to help
  • Lives within reliable commuting distance of Winchester, VA, and can be on-site 2–3 days per week


Preferred

  • Security+, Network+, or equivalent certifications
  • Experience with EDR platforms (Microsoft Defender, CrowdStrike, SentinelOne)
  • Prior exposure to phishing simulation tools (KnowBe4, Hoxhunt, etc.)
  • Curiosity about offensive security — there is real room to grow toward pentest and red-team adjacent work over time


Compensation

  • Base salary $65,000–$72,000, commensurate with experience
  • Full benefits: medical, dental, vision, and 401(k) with employer match
  • Paid time off and ForgePath-supported professional development

Salary

$65,000 - $72,000 per year

Apply for Help Desk + Security Analyst (On-Site, Winchester VA)