Security Analyst II

About The Position

Requirements

• Minimum of 7 years of progressive, hands‑on experience in information security.
• Demonstrated experience advising business and IT stakeholders on security controls and risk mitigation.
• Hands‑on experience with deployment and integration of security technologies.
• Hands‑on experience with vulnerability management tools (e.g., Qualys, Tenable).
• Hands‑on experience with application security scanning and remediation (SAST/DAST – e.g., Qualys, Checkmarx).
• Hands‑on experience with security monitoring and incident response platforms (e.g., CrowdStrike, Splunk).
• Cloud security concepts and controls (AWS, Azure).
• Network security principles (TCP/IP, OSI Model, NAC, 802.1x, ISE, SSE, Zero Trust).
• Identity and access management technologies, including SSO, MFA, and PAM (e.g., Entra ID, Okta, Duo, CyberArk).
• Operating system security for Windows and Linux environments.
• Security frameworks and standards (e.g., NIST, ISO/IEC 27001).
• Working knowledge of scripting or programming languages (e.g., C, Java, Perl, Shell).
• Bachelor’s degree in information security or equivalent professional experience.
• Certified Information Systems Security Professional (CISSP).
• AWS Certified Security – Specialty.
• Strong analytical and problem‑solving capabilities.
• Excellent written and verbal communication skills.
• Customer‑service‑oriented mindset.
• Highly self‑motivated with strong organizational skills.
• Ability to work effectively in a collaborative, team‑oriented environment.
• Professional maturity and demonstrated leadership capabilities.
• Ability to effectively engage with stakeholders at multiple levels of the organization.

Responsibilities

• Monitor, analyze, and investigate security alerts to detect potential security incidents or breaches.
• Lead and participate in incident response activities, including containment, remediation, and post‑incident analysis.
• Conduct proactive threat hunting activities to identify and isolate advanced or emerging threats.
• Maintain awareness of current and emerging information security threats, attack techniques, and industry trends.
• Advise business and IT initiatives to ensure alignment with security requirements and risk management objectives.
• Lead infrastructure vulnerability management activities, including oversight of scanning tools and coordination of remediation efforts.
• Lead application security assessments, including vulnerability scanning and remediation for SAST and DAST findings.
• Deploy, integrate, and configure new security technologies and enhancements in accordance with defined standards and best practices.
• Monitor and maintain existing security solutions to ensure optimal performance and effectiveness.
• Recommend improvements or enhancements to security technologies to strengthen the organization’s security posture.
• Participate in the planning and design of enterprise security architecture.
• Contribute to the development and maintenance of security documentation, including policies, standards, baselines, guidelines, and procedures.
• Perform daily operational security tasks in support of the cybersecurity program.
• Review security advisories and assess applicability and impact to the organization.
• Participate in after‑hours on‑call support and incident response activities as required.
• Perform other duties as assigned.

Benefits

• Health insurance coverage
• Wellness programs
• Life and disability insurance
• Retirement savings plans
• Paid leave programs
• Education-related programs
• Paid holidays
• Vacation time
• Training Reimbursement
• Paid Professional Designations
• Employee Savings Plan (ESP)
• Corporate Discount Program
• Enhanced group benefits
• Parental Leave Top–up program
• Paid time off for Volunteering