IT Security Analyst

About The Position

Requirements

• Must demonstrate good judgement when carrying out duties as assigned.
• Deep knowledge of security frameworks (NIST, ISO 27001:2022), secure network and application design, and cloud security models.
• Hands-on experience with security technologies: SIEM, EDR, IAM, DLP, MFA, firewalls, vulnerability management, and encryption.
• Experience with Azure, AWS, or Google Cloud security architectures.
• Strong understanding of identity management, authentication, and access control principles.
• Strong knowledge regarding common attacks, attack methods, and defense architecture.
• 7+ years of progressive work experience in information security or an equivalent combination of education and work experience.
• Bachelor’s degree in Computer Science, Engineering, MIS, Information Security, or related field of study or equivalent work experience.
• English is required as the written and spoken language.
• Must possess or be able to acquire a state issued Driver’s License.

Nice To Haves

• Experience in highly regulated industries (e.g., agriculture, manufacturing).
• CCSP (Certified Cloud Security Professional) and/or CISSP (Certified Information Systems Security Professional) or other related information security certifications are recommended.

Responsibilities

• Develop and maintain the enterprise security across all systems, ensuring it aligns with business strategy and IT initiatives.
• Define security requirements for systems, applications, and network designs.
• Provide subject matter expertise on security best practices, frameworks, and emerging threats.
• Evaluate, design, and implement security solutions, including firewalls, intrusion prevention systems, identity and access management, endpoint protection, and cloud security.
• Partner with enterprise architects, infrastructure teams, application developers, and business units to embed security into projects from inception.
• Provide mentorship and guidance to security engineers, administrators and analyst.
• Develop, implement, and maintain enterprise-wide information security capabilities in alignment with business objectives, IT initiatives, and the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover).
• Define and document security requirements and control objectives for systems, applications, networks, and cloud environments in accordance with NIST SP 800-53 and related standards.
• Collaborate with risk management to assess, document, and mitigate security risks.
• Maintain documentation and enforce security design patterns.
• Support and enforce SQF / QA, GMP, Safety policies and procedures, and production needs.
• Perform other duties as assigned.