Information Security Analyst

Particle Measuring Systems Inc•Niwot, CO

40d•Hybrid

About The Position

Particle Measuring Systems is seeking an Information Security Analyst to protect the confidentiality, integrity, and availability of organizational information assets. This role supports the implementation and maintenance of the company's information security program, ensuring compliance with internal policies, regulatory requirements, and industry standards (e.g., ISO 27001, NIST, GDPR). The analyst will work and collaborate closely with teams and leadership to achieve a strong controlled environment that enhances and protects the organization from threats and risks. You will work closely with the business functions to identify and mitigate areas of risk, monitor security controls, and promote a culture of security awareness across the organization.

Requirements

Bachelor's degree in information technology, Cybersecurity, Computer Science, or related field.
3-5 years of experience in information security, cybersecurity, or IT risk management.
Experience with security frameworks (ISO 27001, NIST, CIS Controls).
Familiarity with network security, endpoint protection, identity and access management, and incident response.
Strong analytical and problem-solving skills.
Excellent written and verbal communication.
Detail-oriented with a risk-based approach to decision making.
Ability to work collaboratively across technical and non-technical teams.
Commitment to continuous learning and professional development.

Nice To Haves

CompTIA Security+
GIAC Security Essentials (GSEC)

Responsibilities

Support the development, implementation, and maintenance of information security policies, standards, and procedures.
Conduct and document regular security risk assessments and audits.
Oversee program of Penetration testing within the various functions of the business
Participate in compliance activities with frameworks such as ISO 27001, NIS2, and CMMC.
Coordinate and track remediation of identified security risks or control gaps.
Assist in vendor and third-party risk assessments, ensuring due diligence and alignment with security and privacy requirements.
Monitor and analyze alerts from security tools (e.g., SIEM, EDR, vulnerability management systems).
Investigate potential security incidents and support incident response processes.
Assist with any incident response processes that may arise within the business
Perform regular vulnerability scans and assist with patch management coordination.
Collaborate with Group to ensure overall compliance with Security is achieved.
Maintain an up-to-date understanding of emerging threats and vulnerabilities relevant to our business.
Enforce and monitor access control policies and user account management practices.
Support data classification, encryption, and data loss prevention initiatives.
Ensure secure handling and disposal of sensitive or regulated data.
Conduct or coordinate employee security awareness and phishing simulation programs.
Promote a culture of cybersecurity and privacy across all departments.
Contribute to the evaluation and implementation of new security tools or processes.
Participate in post-incident reviews and lessons-learned sessions to enhance controls.
Support IT projects by providing security input during planning and implementation phases.