Information Security Analyst

About The Position

Requirements

• Bachelor’s degree required; Computer Science, Software Engineering, Information Technology, or related field preferred.
• 1+ year of experience in Information Security, Security Operations, or related IT roles preferred.
• Hands-on or academic experience with security tools such as SIEM, EDR, or XDR platforms is preferred.
• Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment visa at this time

Nice To Haves

• Experience with one or more of the following tools is strongly preferred: CrowdStrike Falcon (EDR/XDR) Microsoft Defender suite (Defender for Endpoint, Defender for Cloud, etc.) Microsoft Sentinel (SIEM / SOAR)
• Familiarity with: Log analysis and correlation Security monitoring and alert triage Incident response workflows and tooling
• Microsoft Security certifications (e.g., SC-200, SC-300) or CrowdStrike certifications are a plus.

Responsibilities

• Supports in developing security policies, procedures, and standards for the insurance industry, ensuring alignment with best practices, regulatory requirements, and data protection laws.
• Conducts risk assessments to identify and evaluate potential security risks and vulnerabilities within the insurance infrastructure, including systems, networks, and applications.
• Manages and responds to security incidents, conducts forensic analysis to determine root cause, gathers evidence, contains incidents, and implements preventive measures to avoid recurrence.
• Performs security audits and compliance assessments to ensure the effectiveness of security controls, responds to audit findings, and maintains adherence to regulatory requirements and industry standards.
• Conducts security assessments of third-party vendors and service providers, reviewing their security practices, contracts, and risk posture to ensure the secure handling of company data.
• Implements and manages security monitoring tools and intrusion detection systems to detect and respond to potential security threats in real time.
• Monitors the IT Security environment to detect, validate, and respond to cyber threats.
• Assists in incident response activities such as host triage, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
• Leverages enterprise security platforms such as endpoint detection and response (EDR) and SIEM solutions (e.g., CrowdStrike, Microsoft Defender, Microsoft Sentinel) to investigate alerts, correlate events, and enhance threat detection capabilities.
• Prepares and delivers accurate and timely reports on security incidents and resolutions, and recommends improvements to enhance the overall security posture in the insurance environment.
• Stays up to date with the latest security threats, vulnerabilities, and industry trends, sharing knowledge with the information security team and stakeholders.
• Conducts security awareness training sessions for employees, promoting best practices and fostering a culture of security awareness.
• Collaborates with IT teams to implement security controls including access management, endpoint protection, and encryption to safeguard data and systems against unauthorized access and misuse.

Benefits

• paid time off for company holidays, vacation, sick and personal days
• paid parental leave
• mental health services