Senior Information Security Analyst

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Technology, or a related field; equivalent experience will be considered.
• 5+ years of experience across multiple IT security domains, including enterprise security, risk management, governance, or security operations.
• Hands-on experience with security frameworks and control catalogs such as NIST CSF, CIS CSC, NIST 800-53, and ISO/IEC 27001/2.
• Familiarity with Sarbanes-Oxley (SOX) controls and relevant cybersecurity and privacy regulations.
• Experience administering or utilizing enterprise SIEM platforms (e.g., CrowdStrike Next Gen SIEM, Microsoft Sentinel, Splunk, or QRadar).
• Strong analytical, problem-solving, communication, and collaboration skills with an ability to balance security controls against business risk tolerance.
• Familiarity with AI security, AI governance, and risks associated with Generative AI technologies.

Nice To Haves

• Experience with PowerShell, Python, KQL, or similar scripting/query languages is a plus.
• Preferred certifications: CISSP, CISM, CISA, CRISC, Microsoft SC-200, GIAC, or other security operations-focused credentials.

Responsibilities

• Maintaining and enhancing the organization’s information security program by developing and updating policies, standards, procedures, and governance documentation.
• Conducting enterprise security and risk assessments across networks, systems, applications, vendors, and emerging technologies using frameworks such as NIST CSF and CIS Controls.
• Providing security guidance to IT and business stakeholders, including support for AI governance, privacy, and compliance initiatives.
• Leading security awareness efforts, including employee training programs, phishing simulations, and risk-based remediation activities.
• Identifying, prioritizing, and managing information security risks through control implementation, exception management, and risk treatment planning.
• Monitoring and reporting on security posture, compliance, and risk metrics through dashboards, automation, and reporting solutions.
• Supporting incident response activities by investigating security events, coordinating tabletop exercises, and collaborating with IT teams to mitigate threats.
• Administering and optimizing security monitoring capabilities including SIEM platforms, log management, alert tuning, and dashboard development.
• Performing security investigations and threat analysis across endpoint, identity, cloud, network, and application data sources.
• Contributing to threat hunting and detection engineering initiatives using frameworks such as MITRE ATT&CK.

Benefits

• Competitive Pay & Bonus Opportunities
• Health, dental, and vision insurance with up to $3,600 (individual) or $6,800 (family) in HSA contributions per year.
• Generous paid time off including 22 days of PTO and 10 paid company holidays.
• Clear promotion paths, mentorship, and ongoing professional development.
• Up to 6% matching 401(k) contributions on base salary and bonus, standard life insurance, and disability coverage.
• Annual $3,000 reimbursement for educational training and certifications.