Job Description: Security Analyst
Salary: 80-90k
Overview:
We are seeking a detail-oriented and proactive Information Security Analyst to join our Information Security team. The Security Analyst will play a critical role in protecting the organization's systems, data, and infrastructure from security threats. This individual will monitor, analyze, and respond to security events while collaborating with cross-functional teams to strengthen our security posture.
Key Responsibilities:
- Threat Monitoring & Incident Response:
  - Monitor security systems and tools for unusual activity or potential threats.
  - Respond to security incidents, conduct root cause analysis, and recommend remediation measures.
  - Develop and maintain incident response playbooks.
- Vulnerability Management:
  - Perform regular vulnerability assessments and work with relevant teams to address identified risks.
  - Stay informed about emerging threats, vulnerabilities, and mitigation techniques.
- Security Tools & Systems Management:
  - Configure, maintain, and monitor security technologies such as firewalls, SIEM, IDS/IPS, DLP, and endpoint protection.
  - Analyze system logs and other data to identify unusual patterns or suspicious activities.
- Policy Development & Compliance:
  - Assist in developing and enforcing security policies, standards, and procedures.
  - Support internal and external audits related to security and compliance (e.g., ISO 27001, SOC 2, GDPR, CCPA).
- Education & Awareness:
  - Educate employees on security best practices and potential risks through training and communication.
  - Conduct phishing simulations and other security awareness programs.
- Collaboration & Reporting:
  - Collaborate with IT, DevOps, and engineering teams to integrate security into the software development lifecycle (SDLC).
  - Prepare detailed reports on security incidents, threats, and mitigation efforts for management and stakeholders.
Qualifications:
- Education:
  - Bachelor's degree in Computer Science, Information Security, or related field. Equivalent work experience will also be considered.
- Experience:
  - 2–4 years of experience in cybersecurity or a related field.
  - Familiarity with SIEM tools, firewalls, and network security practices.
- Certifications (Preferred):
  - CompTIA Security+, CEH, CISSP, CISM, or equivalent certifications.
- Skills:
  - Strong understanding of security concepts, tools, and frameworks (e.g., NIST, ISO 27001).
  - Proficient in threat analysis, vulnerability assessment, and incident response.
  - Familiarity with scripting languages (e.g., Python, PowerShell) is a plus.
  - Excellent analytical, problem-solving, and communication skills.