Cybersecurity Analyst

About The Position

Requirements

• BS in Information Security, Computer Science, Information Systems, or related field
• 5+ Years of experience in an Information Security related role
• Professional certifications such as CISM, CISSP, SSCP, or SANS GIAC
• Strong understanding of IT security principles including confidentiality, integrity, and availability (CIA triad)
• Experience with endpoint detection and monitoring EDR/XDR tools (e.g. Crowdstrike, Sentinel, or comparable solutions)
• Experience coordinating penetration testing and remediation
• Proficient understanding of cloud security concepts (AWS, GCP, or Azure) and on-premise environments
• Solid grasp of the Software Development Lifecycle (SDLC) process
• Understanding of security frameworks such as NIST, CIS, ISO 27001, ISO 42001
• Familiarity with identity management, networking, and email security
• Excellent communication and organizational skills
• Solid analytical skills with strong attention to detail
• Team-oriented mindset with the ability to work independently in a dynamic environment
• Proficiency in Google Workspace and Microsoft Office and basic project management tools

Nice To Haves

• 2+ years of experience in IT systems, networking, or cloud administration
• DevOps or DevSecOps experience
• Hands-on experience with Google Cloud Platform (GCP) security configurations
• Experience configuring or maintaining Web Application Firewalls (WAFs)
• Experience designing or deploying security awareness and phishing simulation programs
• Deep technical experience with Crowdstrike or similar EDR/XDR tools
• Proficiency in building JIRA dashboards workflows for security processes

Responsibilities

• Monitor, investigate, and escalate security detections and alerts from third-party SOC/MDR providers (CrowdStrike, Expel, Cloudflare, and other sources).
• Identify vulnerabilities and coordinate remediation across infrastructure, systems, and cloud environments (GCP CIS benchmarks, vulnerability scans, etc.).
• Perform ongoing risk reviews and coordinate vulnerability remediation efforts with internal teams.
• Assist with evidence collection for SOC 2 and other compliance audits.
• Lead the coordination and tracking of third-party penetration testing, including remediation follow-ups.
• Conduct quarterly user access reviews across key systems.
• Support and maintain cybersecurity policies, procedures, and controls; oversee annual policy reviews.
• Manage security awareness initiatives, including phishing simulations and employee training.
• Participate in customer and vendor risk assessments; prepare responses to security questionnaires.
• Integrate security best practices into the SDLC, CI/CD pipelines, and infrastructure automation.
• Collaborate with Engineering and DevOps to promote secure coding practices and ensure compliance with security standards.
• Support the AI Steering Committee by assessing security risks of AI tools and vendors, defining required controls, and guiding secure and responsible AI implementation.
• Maintain dashboards and workflows in JIRA for tracking security activities and metrics.
• Make recommendations to strengthen iTradeNetwork's security posture and operational resilience.
• Participate in ad hoc security projects and initiatives as assigned.

Benefits

• competitive salary
• comprehensive benefits package
• dynamic work culture that values collaboration, innovation, and personal development