Security Analyst II

North Risk Partners, LLC
West Des Moines, IA
Onsite

About The Position

The Security Analyst II plays a key role in operating, improving, and maturing North Risk’s security program. This role focuses on detection, investigation, vulnerability management, access governance, endpoint and email security, and compliance support aligned to NIST CSF 2.0, NY DFS, and HIPAA requirements. The Security Analyst II serves as a hands-on, technical contributor responsible for daily security operations, incident support, control engineering, and continuous improvement of security tooling, policies, and standards. This role reports to the Director of Infrastructure & Security and offers growth opportunities as the security program matures.

Requirements

  • A combination of education and experience generally attained through an associate’s degree (in Information Technology, Cybersecurity, Networking, or related field strongly preferred), and a minimum of 5 years of progressive experience in cybersecurity, security operations, or related IT security roles
  • Strong understanding of security fundamentals, including detection response, least privilege and access governance, endpoint and email security, vulnerability management, and incident response principles
  • Hands-on experience with Microsoft security technologies (Defender, Intune, Entra ID) or equivalent enterprise platforms
  • Experience working in ticketing systems (e.g., ServiceNow) with strong documentation
  • Ability to analyze technical data, investigate security events, and communicate findings clearly
  • Experience supporting compliance or audit requirements in regulated environments
  • Experience with detection tuning, alert optimization, or SIEM-adjacent workflows, including email security and phishing response platforms
  • Familiarity with insurance, financial services, or other regulated industries
  • Ability to communicate technical findings to both technical and non-technical audiences, including written summaries for leadership
  • Familiarity with NIST Cybersecurity Framework (CSF) 2.0 or similar security frameworks

Nice To Haves

  • Experience with PowerShell or other scripting languages for task automation is preferred
  • Certifications such as Security+, CySA+, SSCP, or equivalent are preferred, but not required
  • Experience contributing to security architecture or control design decisions is preferred, but not required

Responsibilities

  • Perform security alert triage across endpoint, email, identity, and cloud security platforms
  • Investigate suspicious activity, validate threats, and support containment and remediation
  • Tune detection logic and alerting rules to reduce false positives and improve signal quality
  • Document investigations, findings, and outcomes with clear, auditable notes
  • Provide Tier 1-2 incident response support, including evidence collection and timeline development
  • Triage and classify reported phishing emails using automated and manual analysis tools; communicate findings to end users
  • Conduct regular user and privileged access reviews to support least privilege principles
  • Identify and remediate access risks across Entra ID, groups, and role assignments
  • Partner with identity and infrastructure teams on access governance improvements
  • Support Conditional Access policy review, testing, and troubleshooting in coordination with identity and infrastructure teams
  • Administer and support Microsoft Defender, Intune, email security, and related tools
  • Validate endpoint compliance, protection coverage, and configuration alignment
  • Support tool configuration changes following change control practices
  • Define KPIs & success metrics (e.g., model accuracy, adoption, cycle time, business impact, risk/incident rate)
  • Oversee observability: data drift, model decay, cost tracking, usage analytics, and incident response processes
  • Manage budgets, vendor relationships, and licensing for AI platforms and tools
  • Improve technical security controls across identity, endpoint, and email systems
  • Develop and maintain security hardening standards and baseline configurations
  • Partner with infrastructure, network, and cloud teams on secure design initiatives
  • Identify gaps, recommend enhancements, and help drive security maturity
  • Develop and maintain scripts and automations to improve efficiency of security operations tasks
  • Support security assessments and integration activities for acquired agencies, including access provisioning, endpoint onboarding, and baseline validation

Benefits

  • health, dental, vision, short-term and long-term disability, life, long-term care, 401(k) plan
  • continuing professional education and development
  • volunteer time off
  • paid time off
  • paid holidays