Sr. Information Security Analyst

About The Position

Requirements

• Bachelors in one of the following disciplines: Cybersecurity, Information Assurance, Management Information Systems, Computer Science, Computer Engineering, Electrical Engineering or similar technical field and minimum of 5 years related experience.
• Strong knowledge of security technologies and tools, including SIEM, IDS/IPS, firewalls, and endpoint protection.
• Experience with event handling, incident response and threat hunting.
• Ability to communicate effectively with various levels of technical expertise or non-expertise (written, verbal, presentation skills).
• Organized and detail-oriented, able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently.
• Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.
• Experience with ICS network monitoring including serial, Ethernet, wireless, etc.
• Working knowledge of cybersecurity policies, standards, and frameworks (CIS, NIST, etc.) related to IT environments.
• Experience with operational technology and knowledge of ICS security best practices.

Nice To Haves

• Relevant certifications such as CISSP and CISM are highly desirable.

Responsibilities

• Serve as the senior technical escalation point for complex investigations and response activities across IT and ICS/OT environments.
• Act as the internal escalation for the Managed Service Provider: review escalated cases, confirm scope/impact, request additional evidence as needed, and drive the investigation to resolution.
• Define and maintain escalation criteria, severity definitions, and evidence requirements to ensure consistent performance.
• Perform quality reviews of Managed Service Provider incident tickets (timeliness, analysis depth, documentation, and recommendations) and provide feedback.
• Mentor SOC analysts through coaching, investigation walk-throughs, and after-action reviews; contribute to skills development and knowledge transfer.
• Provide technical guidance on investigation methodology, evidence collection, and response actions.
• Partner with IT, and OT operations teams to embed security controls and logging requirements across systems and services.
• Provide technical input on policy development, control design, and remediation planning based on observed threats, incidents, and detection gaps.
• Review and validate operational metrics for assigned areas (e.g., alert quality, false positives, detection coverage, response timelines) and recommend improvements.
• Ensure investigations and response activities align with business priorities and applicable regulatory requirements; support audits and evidence requests as needed.
• Contribute to the maturity of threat intelligence, threat hunting, incident response, and purple teaming by identifying gaps, proposing enhancements, and implementing improvements within assigned scope.
• Drive continuous improvement of security operations playbooks, procedures, and team readiness through lessons learned and regular reviews.
• Provide technical ownership for assigned security services and platforms to ensure reliability and scalability.
• Manage assigned incident workload and Managed Service Provider escalations by ensuring security incidents and events are identified, analyzed, documented, and driven to closure within defined timelines.
• Coordinate with the Managed Service Provider on active investigations (e.g., evidence requests, containment steps, and status updates) and participate in regular service reviews to address trends and recurring issues.
• Recommend security controls to protect information systems based on ongoing reviews of security incidents, vulnerabilities, and threats.
• Stay up to date with the latest threats, vulnerabilities, and security trends and make recommendations for improving our security posture.
• Candidate must be available 24/7/365

Benefits

• paid time off
• medical/dental/vision insurance
• 401(k)