Information Security Analyst

Cutover

23h•$145,000 - $155,000•Remote

About The Position

An inclusive work environment is an empowering one. At Cutover, we lead with empathy and enable others to succeed through curiosity, kindness, and self-expression. Location: US, remote (CST or EST time zone), willing to travel to New York office for audits as required We regret that we are unable to provide work visa sponsorship at this time. Cutover provides enterprise technology operations teams with an AI-powered SaaS solution that automates and streamlines complex processes with intelligent runbooks. The Cutover solution enables teams to respond to incidents quickly, recover from IT outages, and manage cloud migrations with precision and efficiency. Cutover is used in many of the world's largest financial institutions to support their critical technology operations, including 5 out of the top 6 largest asset managers and 3 out of the top 5 US banks. What does this role mean to us? We are looking for a versatile, proactive mid-Level Security Analyst to join our lean but high-impact security team. This “generalist” role offers a 360-degree view of Information Security and is designed for someone who thrives on variety—one day you’ll be leading a SOC 2 audit, and the next you’ll be triaging a security alert or refining our AWS security posture. As a key member of a small team, you won’t just be following a playbook; you’ll be writing it. You will have significant autonomy and the power to influence our global security strategy directly.

Requirements

3-5 years experience in Information Security, with a proven track record in a ‘full stack’ security or GRC role
Experience triaging alerts (CSPM/SIEM/EDR), incident management and a foundational understanding of cloud native security tools
You enjoy creating processes where none exist and can move from "problem identified" to "solution implemented" independently.
You’ve led SOC2 or ISO27001 audits and know how to manage evidence collection, auditor expectations and communicate to stakeholders effectively.

Nice To Haves

Relevant certifications are a plus (CISA, CISSP), but we value functional experience and the ability to apply security principles to real-world business problems above all else.

Responsibilities

Compliance & Audit Leadership: Support the maintenance of our compliance frameworks, specifically ISO 27001 and SOC2 Type II. You will need to be comfortable being a primary point of contact for external auditors.
Client Assurance: Own the end-to-end process for Client Audits and Security RFIs, translating our complex technical controls into clear, professional, and digestible responses for stakeholders.
Cloud Governance: Apply a GRC lens to our cloud environment, ensuring that our AWS infrastructure aligns with best practices (CIS benchmarks) and triage alerts in line with our internal risk appetite.
Incident Management & Triage: Monitor security tools and act as a first-to-second responder for alert triage. You’ll manage the lifecycle of security incidents, from discovery to post-mortem.
Third-Party Risk Management: Conduct thorough due diligence on suppliers, integrations , ensuring our supply chain meets our rigorous security standards.
Risk-Based Decision Making: Conduct risk assessments across the business, providing actionable advice that balances security requirements with operational efficiency.
Security Automation: Identify opportunities to automate manual GRC and SecOps tasks to increase the team's velocity.

Benefits

We're excited to offer Share Options as part of our compensation package.
20 days of PTO per year + public holidays, and we want you to take all of them!
3 volunteer days to use for any charitable/voluntary cause you would like.
A top-tier private health insurance package.
401k contribution plan
Work from home stipends
A personal learning and development budget through Learnerbly. You’ll be supported in your quest for knowledge, whatever that looks like to you.
If you’re thinking of starting or growing your family, then you’ll be in great company - more than half of our team are parents and we’ve built a globally consistent parental leave approach that we’re proud of.
Employee Referral Scheme.
Safeguarding the mental health of our teams is paramount for us. If you’d like to, then you’ll be able to avail yourself of multiple Cutover mental health initiatives, from fully subsidized therapy sessions to subscriptions to leading wellbeing platforms.