Sr. Cybersecurity and InfoSec Analyst

About The Position

Requirements

• Bachelor degree in Cybersecurity, Information Technology, Computer Science, or related field
• Five to seven years of professional experience in cybersecurity or information security roles
• Strong knowledge of network protocols, firewalls, IDS or IPS systems, and encryption methods
• Experience using platforms such as Splunk, CrowdStrike, Cisco Umbrella, Arctic Wolf, or similar solutions
• Familiarity with cloud security controls in AWS or Azure
• Ability to use scripting languages such as Python or PowerShell for automation or analysis
• Strong analytical reasoning and problem solving capability
• Ability to explain complex security issues to diverse audiences
• Comfortable multitasking in a fast moving environment

Nice To Haves

• Experience supporting security operations within manufacturing or construction settings is a plus
• Certifications such as CISSP, CISM, CEH, or Security Plus are highly valued
• Experience with industrial control system security is beneficial

Responsibilities

• Security Governance and Program Development Create and maintain security policies, standards, and procedures that align with best practices and regulatory requirements Utilize frameworks such as NIST and CIS to drive security maturity Lead risk assessments in partnership with security SaaS providers and internal teams to uncover vulnerabilities
• Monitoring and Threat Detection Oversee SaaS supported monitoring of network and system activity using advanced tools such as SIEM and IDS or IPS platforms Identify anomalies, investigate alerts, and document security events thoroughly Manage incident response activities including investigation, containment, eradication, and post event review
• Technical Security Operations Support configuration and tuning of firewalls, VPNs, endpoint security platforms, and related technologies Participate in vulnerability scans and penetration testing efforts and ensure proper remediation Review security controls across cloud, on premises, and hybrid environments Support secure system architecture decisions for new and existing solutions
• Awareness, Training, and Culture Recommend cybersecurity training materials and programs to strengthen organizational awareness Communicate emerging risks and best practices to employees at all levels Foster a culture where secure behavior is a shared responsibility
• Compliance and Reporting Ensure alignment with relevant compliance expectations including CMMC, NIST, CIS, and PCI DSS Prepare clear reporting on security posture, incidents, and program status for leadership
• Collaboration and Leadership Partner with IT, operations, and business groups to embed security considerations into daily workflows Provide mentorship and technical guidance to junior analysts Stay informed on new threats, tools, and strategies and recommend enhancements to the security roadmap