Senior Security Analyst

ORIONLehi, UT
18h$99,862 - $154,679Hybrid

About The Position

About this Opportunity: The Senior Security Analyst ensures the adherence of security best practices and validates the confidentiality, integrity, and availability of the data within Orion’s multiple environments. The Senior Security Analyst will contribute to the development and implementation of internal security requirements and provide guidance to technical teams around these developed security requirements. The Senior Security Analyst monitors and assesses information security controls and works with technical teams to remediate any security vulnerabilities identified in a timely manner. The Senior Security Analyst works with other members of the Information Security Department to test and validate security controls and supports the Orion security program in general. For Internal and External Candidates: Candidates must work in-office at one of the following locations for at least 3 days per week: Lehi, UT. In this role, you’ll get to: Serve as SME on security controls and provide evidence for security audits and due diligence questionnaires Manage assigned Information Security projects through cross-team collaboration and focus on continual process improvement Ensure adherence to Orion’s Information Security Management System (ISMS) and other security policies Continually review and assess Orion’s environment for controls effectiveness and for potential vulnerabilities. Document findings, evaluate risk, and make recommendations for remediation efforts Identify emerging security and privacy threats. Recommend and implement appropriate responses as necessary Design, implement, and maintain Orion’s DSPM tooling Maintain and contribute to the Information Security awareness and training program Mentor other members of the team Assist the Security Governance and Compliance team with policy creation and maintenance and validate policy effectiveness Work closely with the Development, Platform, and InfoSec teams for various security tasks and initiatives

Requirements

  • Has extensive hands-on experience utilizing common information security tools, including IDS/IPS, EDR, DLP, DSPM and CSPM technologies
  • Has strong analytical skills and experience correlating information from multiple sources to discern patterns
  • Has an advanced understanding of the existing cyber threat landscape and the desire to keep abreast of emerging threats and challenges
  • Has strong understanding of information systems
  • Has strong Knowledge of security principles, architecture, and infrastructure best practices
  • Has working knowledge of cybersecurity frameworks: ISO, NIST, MITRE ATT&CK
  • Has familiarity with control frameworks and a general understanding of cyber risk
  • Has strong technical writing and communication skills with the ability to articulate security vulnerabilities, best practices, and requirements to technical and nontechnical teams
  • Documents information security standards/guidelines and control requirements
  • Leverages AI to improve efficiency
  • Multi-tasks while maintaining careful attention to detail
  • Works independently with minimal direction and within a team environment
  • Works with a sense of urgency to meet deadlines and address competing priorities
  • Has effective written, listening, and verbal communication skills
  • Has effective problem solving and organizational skills
  • Has a minimum of a bachelor’s degree in MIS, Computer Science, Network Technology, Cybersecurity, Application Development, Cloud Computing preferred
  • Has two or more Industry certifications, or the ability to obtain within 12 months: ISC2 , CompTIA , GIAC , AWS , Azure
  • Has a minimum of 6 years of experience in Information Technology, Cybersecurity, Application Development, or related field
  • Has a minimum 3 years of experience with security tools and technologies
  • Owns and manages relationships with stakeholders directly and works effectively with people at all levels in an organization

Nice To Haves

  • Has experience with control test automation and scripting languages preferred

Responsibilities

  • Serve as SME on security controls and provide evidence for security audits and due diligence questionnaires
  • Manage assigned Information Security projects through cross-team collaboration and focus on continual process improvement
  • Ensure adherence to Orion’s Information Security Management System (ISMS) and other security policies
  • Continually review and assess Orion’s environment for controls effectiveness and for potential vulnerabilities.
  • Document findings, evaluate risk, and make recommendations for remediation efforts
  • Identify emerging security and privacy threats.
  • Recommend and implement appropriate responses as necessary
  • Design, implement, and maintain Orion’s DSPM tooling
  • Maintain and contribute to the Information Security awareness and training program
  • Mentor other members of the team
  • Assist the Security Governance and Compliance team with policy creation and maintenance and validate policy effectiveness
  • Work closely with the Development, Platform, and InfoSec teams for various security tasks and initiatives

Benefits

  • health, dental, vision, and disability coverage on day one
  • 401(k) plan with employer match
  • paid parental leave
  • pet benefits including pawternity leave and pet insurance
  • student loan repayment
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service