Information Security Analyst I

Laserfiche•Long Beach, CA

1d•$41 - $53•Hybrid

About The Position

Join Laserfiche as an Information Security Analyst I and play a hands-on role in defending the systems that power a global leader in digital transformation. In this dynamic position, you’ll dive into real security operations—monitoring, detection engineering, vulnerability management, and security configuration—while helping grow the enterprise security program. You’ll work across cloud and on‑prem environments, implementing and continuously improving security controls that safeguard critical applications, data, and infrastructure. This is a highly collaborative role where you’ll partner with teams across ITS, the Business Transformation Office, GRC, Development, and more to ensure Laserfiche’s security posture is strong, scalable, and aligned with business goals. If you’re passionate about hands-on security work, eager to learn, and excited to make a direct impact on enterprise protection, this role offers the opportunity to grow, innovate, and contribute from day one. Location: Hybrid: Three days per week (Tuesday, Wednesday and Thursday) in-office in Long Beach, CA Remote work from home on Mondays and Fridays Periodic after-hours support may be required for security incidents or maintenance activities.

Requirements

Bachelor’s degree in cybersecurity, information systems, computer science or related field.
Experience in security operations, information security or a related technical role.
Experience supporting on-premises, hybrid and cloud environments.
Foundational understanding of security operations, including monitoring, incident response and vulnerability management.
Familiarity with SIEM platforms (Splunk preferred), EDR solutions and vulnerability management tools.
Foundational understanding of network security principles including segmentation, firewall management, VPN technologies and traffic analysis.
Experience with Windows and Linux system administration and hardening practices.
Awareness of common attack frameworks such as MITRE ATT&CK and prevalent adversary techniques.
Strong analytical and problem-solving skills with attention to detail.

Nice To Haves

Relevant certifications such as Splunk, Security+, CySA+, BTL1, PSAA or AWS Cloud Practitioner are preferred.

Responsibilities

Security Engineering and Control Implementation Configure and manage security tools including endpoint detection and response (EDR), SIEM, vulnerability management platforms, email security, identity and access management (IAM) and other security technologies.
Support ITS and Development teams in integrating security controls into system architecture and deployment workflows.
Assist in the evaluation and implementation of new security technologies to enhance prevention, detection and response capabilities.
Safeguard Laserfiche information in accordance with Laserfiche Information Security Policies.
Security Monitoring and Incident Response Monitor security events and alerts from SIEM, EDR, cloud-native logging tools and other detection platforms.
Perform triage, investigation and root cause analysis of security incidents and suspicious activity.
Support incident response efforts in coordination with ITS and business stakeholders.
Develop and tune detection rules, alerts and automated response playbooks to improve security visibility and reduce false positive rates.
Document incidents, response actions and lessons learned to strengthen operational maturity.
Participate in tabletop exercises and incident response testing activities.
Vulnerability Management and Threat Mitigation Perform recurring vulnerability scans across infrastructure, endpoints, applications and cloud environments.
Validate findings, prioritize remediation based on risk and track mitigation progress with system owners.
Conduct configuration reviews and security assessments of systems and cloud resources.
Stay current on emerging threats, vulnerabilities and exploit techniques, and recommend appropriate countermeasures.
Partner with ITS and Development teams to drive timely remediation of security findings.
Cloud and Identity Security Support security configuration and monitoring of cloud and SaaS environments including AWS, Microsoft 365 and Okta.
Review IAM roles, policies and permissions to enforce least privilege and proper access controls.
Assist in the secure implementation of new cloud services and infrastructure changes.
Collaboration, Documentation and Continuous Improvement Contribute to security awareness initiatives, including phishing simulations, training content and employee communications to promote a security-conscious culture.
Provide technical security guidance to internal stakeholders and assist in responding to security-related customer or vendor inquiries.
Support internal audits and compliance initiatives by gathering technical evidence of control implementation.
Participate in risk assessments, vendor reviews and architecture design discussions.
Help refine security policies, standards and procedures based on operational experience.