Information Security Analyst I

About The Position

Requirements

• Bachelor’s degree in cybersecurity, information systems, computer science or related field.
• Experience in security operations, information security or a related technical role.
• Experience supporting on-premises, hybrid and cloud environments.
• Foundational understanding of security operations, including monitoring, incident response and vulnerability management.
• Familiarity with SIEM platforms (Splunk preferred), EDR solutions and vulnerability management tools.
• Foundational understanding of network security principles including segmentation, firewall management, VPN technologies and traffic analysis.
• Experience with Windows and Linux system administration and hardening practices.
• Awareness of common attack frameworks such as MITRE ATT&CK and prevalent adversary techniques.
• Strong analytical and problem-solving skills with attention to detail.

Nice To Haves

• Relevant certifications such as Splunk, Security+, CySA+, BTL1, PSAA or AWS Cloud Practitioner are preferred.

Responsibilities

• Configure and manage security tools including endpoint detection and response (EDR), SIEM, vulnerability management platforms, email security, identity and access management (IAM) and other security technologies.
• Support ITS and Development teams in integrating security controls into system architecture and deployment workflows.
• Assist in the evaluation and implementation of new security technologies to enhance prevention, detection and response capabilities.
• Safeguard Laserfiche information in accordance with Laserfiche Information Security Policies.
• Monitor security events and alerts from SIEM, EDR, cloud-native logging tools and other detection platforms.
• Perform triage, investigation and root cause analysis of security incidents and suspicious activity.
• Support incident response efforts in coordination with ITS and business stakeholders.
• Develop and tune detection rules, alerts and automated response playbooks to improve security visibility and reduce false positive rates.
• Document incidents, response actions and lessons learned to strengthen operational maturity.
• Participate in tabletop exercises and incident response testing activities.
• Perform recurring vulnerability scans across infrastructure, endpoints, applications and cloud environments.
• Validate findings, prioritize remediation based on risk and track mitigation progress with system owners.
• Conduct configuration reviews and security assessments of systems and cloud resources.
• Stay current on emerging threats, vulnerabilities and exploit techniques, and recommend appropriate countermeasures.
• Partner with ITS and Development teams to drive timely remediation of security findings.
• Support security configuration and monitoring of cloud and SaaS environments including AWS, Microsoft 365 and Okta.
• Review IAM roles, policies and permissions to enforce least privilege and proper access controls.
• Assist in the secure implementation of new cloud services and infrastructure changes.
• Contribute to security awareness initiatives, including phishing simulations, training content and employee communications to promote a security-conscious culture.
• Provide technical security guidance to internal stakeholders and assist in responding to security-related customer or vendor inquiries.
• Support internal audits and compliance initiatives by gathering technical evidence of control implementation.
• Participate in risk assessments, vendor reviews and architecture design discussions.
• Help refine security policies, standards and procedures based on operational experience.

Benefits

• 15 Days of Vacation
• 3 Floating Holidays
• 2 Paid Volunteer Days
• 9 Paid Holidays
• Hybrid Work Environment
• Free Parking: covered and EV charging stations
• Various 401 (k) Investment Options and Generous Company Match
• HMO and PPO Medical Care Options