AVP, Information Security Analyst

About The Position

Requirements

• Minimum of 5 years of experience in Information Security, with at least 3 years of in-depth experience with vulnerability management, cloud security, and/or security operations.
• Strong hands-on experience with cloud security (Azure preferred), including policy enforcement, identity and access management, and secure configurations.
• Proven track record with vulnerability scanning tools (e.g., Defender, Qualys, Tenable, Vipr) and the ability to drive remediation programs across enterprise environments.
• Hands-on experience with SIEM/SOC operations (Microsoft Sentinel preferred), including detection engineering and event analysis.
• Experience with EDR platforms, including configuration, management, and optimization of endpoint security capabilities.
• Experience with asset management platforms (e.g., Armis, Axonious, ServiceNow CMDB, or similar).
• Solid understanding of incident response methodologies, threat detection, and cloud-native attack vectors.
• Strong analytical skills with ability to identify root causes and provide actionable, risk-based recommendations.
• Excellent written and verbal communication skills, including clear documentation of investigations and outcomes.
• Ability to work independently and collaboratively with technical and non-technical stakeholders.
• Comfortable managing multiple priorities in a fast-paced, evolving environment.

Nice To Haves

• Bachelor's degree in Information Security, Computer Science, Information Systems, or related field or equitable working experience.
• Familiarity with threat modeling frameworks (e.g., MITRE ATT&CK).
• Knowledge of security frameworks (e.g., NIST, ISO, CSA).
• Proficiency with scripting/querying (e.g., KQL, PowerShell, Python) for analysis and automation.
• Certifications such as Security+, CySA+, CEH, GCIA, GSEC, AZ-500, SC-200, CISSP, CISM, GCIH or equivalent.

Responsibilities

• Lead the full vulnerability management lifecycle (scanning, assessment, prioritization, reporting, and remediation) across cloud and on-prem environments.
• Support and enhance asset discovery and management by leveraging tools such as Armis to ensure complete visibility of cloud, on-prem, and hybrid assets.
• Implement, monitor, and improve Azure-native security controls, including identity, workload, and data protection.
• Investigate, validate, and escalate suspicious or anomalous activity through available tools and telemetry.
• Provide strong support for incident response, including investigation, containment, remediation, and lessons learned.
• Manage and optimize SIEM and SOC operations, including detection engineering, correlation rules, alert handling, and escalation processes.
• Configure, manage, and maintain EDR capabilities to ensure effective endpoint visibility, protection, and response.
• Conduct technical and practical threat hunting in Azure and hybrid environments.
• Utilize basic scripting/querying skills (KQL, PowerShell, Python) to support investigations, analysis, and automation efforts.
• Partner with infrastructure, application, and cloud teams to assess existing controls and implement security improvements.
• Participate in regular security operations reviews and recommend improvements to processes, tools, and controls.
• Stay current on evolving cloud security risks, vulnerability trends, and attack techniques.
• Perform other security-related duties as assigned.

Benefits

• Eligible for TCW's comprehensive benefits package.
• Base Salary: For a CA based position, the base salary is $135-150K.
• In addition to the base salary, this position will be eligible to be considered for an annual discretionary bonus.