Information Security Analyst

About The Position

Requirements

• Bachelor's degree in Computer Science, Business Administration, MIS, Mathematics, or Engineering, plus 3 years of experience with information security, System Administration or equivalent with increasing levels of responsibility; OR High School Diploma or State-issued equivalency certificate plus 7 years of experience in Information Security, System Administration or equivalent with increasing levels of responsibility.
• Demonstrated technical expertise in IT systems.
• Strong analytical ability, communication skills and the ability to work effectively with clients/customers, IT management and staff, vendors, consultants, and auditors.
• Required to travel to company offices, sites, and/or meeting locations for onboarding, training, meetings, and events for development, department needs, and business delivery up to 5% of the time, with or without reasonable accommodation.
• Required to be 18 years or older.

Nice To Haves

• Bachelor's degree in Computer Science, Business Administration, MIS, Mathematics, or Engineering, plus 5 years of experience with data security reflecting increasing levels of responsibility.
• Extensive professional experience in management and deployment of security tools.
• Extensive knowledge of networking, databases, systems and/or Web operations.
• In-depth knowledge of data security and protection techniques.
• In-depth knowledge of application security and application security best practices.
• Professional experience in the following: Vulnerability and configuration assessment tools, IDS/IPS tools, logging and monitoring tools (SIM), DLP, audit & assessment (GRC tools), data encryption and network or application firewalls, enterprise monitoring (SIEM).
• Familiarity with mobile, SaaS & Cloud technologies.
• Professional certifications (CISSP, ISACA, GSEC, others)
• Knowledge of industry frameworks and best practices (ISO, NIST, CSC, others).
• Knowledge of regulatory requirements and compliance (PCI, SOX, HIPAA, GLBA).

Responsibilities

• Investigate incidents, identify root causes, recommend and implement corrective actions
• Continuously tune security tools and controls across on ‑ prem and cloud environments
• Lead medium-sized projects
• Support security operations
• Collaborate across IT, business partners, auditors, and vendors to keep our environment resilient and compliant
• Conduct risk assessments
• Review penetration test results
• Develop practical implementation plans for system, database, application, encryption, logging, backup, and endpoint security
• Translate technical findings into business risk and remediation priorities
• Develop standards that map to industry frameworks such as NIST and ISO
• Stay current with threat trends and emerging vulnerabilities
• Mentoring and supporting junior colleagues

Benefits

• We are committed to providing competitive compensation, perks, and a culture that supports your well-being.
• Benefits depend on your work category and may include medical and dental coverage, 401k plans, profit sharing, pet insurance, company holidays, access to an employee wine shop, and more!