Senior Security Analyst

About The Position

Requirements

• Has extensive hands-on experience utilizing common information security tools, including IDS/IPS, EDR, DLP, DSPM and CSPM technologies
• Has strong analytical skills and experience correlating information from multiple sources to discern patterns
• Has an advanced understanding of the existing cyber threat landscape and the desire to keep abreast of emerging threats and challenges
• Has strong understanding of information systems
• Has strong Knowledge of security principles, architecture, and infrastructure best practices
• Has working knowledge of cybersecurity frameworks: ISO, NIST, MITRE ATT&CK
• Has familiarity with control frameworks and a general understanding of cyber risk
• Has strong technical writing and communication skills with the ability to articulate security vulnerabilities, best practices, and requirements to technical and nontechnical teams
• Documents information security standards/guidelines and control requirements
• Leverages AI to improve efficiency
• Multi-tasks while maintaining careful attention to detail
• Works independently with minimal direction and within a team environment
• Works with a sense of urgency to meet deadlines and address competing priorities
• Has effective written, listening, and verbal communication skills
• Has effective problem solving and organizational skills
• Has a minimum of a bachelor’s degree in MIS, Computer Science, Network Technology, Cybersecurity, Application Development, Cloud Computing preferred
• Has two or more Industry certifications, or the ability to obtain within 12 months: ISC2 , CompTIA , GIAC , AWS , Azure
• Has a minimum of 6 years of experience in Information Technology, Cybersecurity, Application Development, or related field
• Has a minimum 3 years of experience with security tools and technologies
• Owns and manages relationships with stakeholders directly and works effectively with people at all levels in an organization

Nice To Haves

• Has experience with control test automation and scripting languages preferred

Responsibilities

• Serve as SME on security controls and provide evidence for security audits and due diligence questionnaires
• Manage assigned Information Security projects through cross-team collaboration and focus on continual process improvement
• Ensure adherence to Orion’s Information Security Management System (ISMS) and other security policies
• Continually review and assess Orion’s environment for controls effectiveness and for potential vulnerabilities.
• Document findings, evaluate risk, and make recommendations for remediation efforts
• Identify emerging security and privacy threats.
• Recommend and implement appropriate responses as necessary
• Design, implement, and maintain Orion’s DSPM tooling
• Maintain and contribute to the Information Security awareness and training program
• Mentor other members of the team
• Assist the Security Governance and Compliance team with policy creation and maintenance and validate policy effectiveness
• Work closely with the Development, Platform, and InfoSec teams for various security tasks and initiatives

Benefits

• health, dental, vision, and disability coverage on day one
• 401(k) plan with employer match
• paid parental leave
• pet benefits including pawternity leave and pet insurance
• student loan repayment