Information Security Analyst I

Role Overview

This position involves a hands-on role in defending systems for a global leader in digital transformation. You will engage in security operations, including monitoring, detection engineering, vulnerability management, and security configuration, while contributing to the growth of the enterprise security program. Working across cloud and on-premises environments, you will implement and improve security controls to safeguard applications, data, and infrastructure. This collaborative role requires partnering with various internal teams to ensure a strong and scalable security posture.

Responsibilities

Security Engineering and Control Implementation

• Configure and manage security tools, including endpoint detection and response (EDR), SIEM, vulnerability management platforms, email security, and identity and access management (IAM).
• Support technical teams in integrating security controls into system architecture and deployment workflows.
• Assist in evaluating and implementing new security technologies to enhance prevention, detection, and response capabilities.
• Safeguard information in accordance with established security policies.

Security Monitoring and Incident Response

• Monitor security events and alerts from SIEM, EDR, cloud-native logging tools, and other detection platforms.
• Perform triage, investigation, and root cause analysis of security incidents and suspicious activity.
• Support incident response efforts in coordination with business stakeholders.
• Develop and tune detection rules, alerts, and automated response playbooks to improve visibility and reduce false positives.
• Document incidents, response actions, and lessons learned to strengthen operational maturity.
• Participate in tabletop exercises and incident response testing.

Vulnerability Management and Threat Mitigation

• Perform recurring vulnerability scans across infrastructure, endpoints, applications, and cloud environments.
• Validate findings, prioritize remediation based on risk, and track progress with system owners.
• Conduct configuration reviews and security assessments of systems and cloud resources.
• Stay current on emerging threats, vulnerabilities, and exploit techniques to recommend countermeasures.

Cloud and Identity Security

• Support security configuration and monitoring of cloud and SaaS environments, including AWS, Microsoft 365, and Okta.
• Review IAM roles, policies, and permissions to enforce least privilege and proper access controls.
• Assist in the secure implementation of new cloud services and infrastructure changes.

Collaboration and Documentation

• Contribute to security awareness initiatives, including phishing simulations and training content.
• Provide technical security guidance to internal stakeholders and assist with customer or vendor inquiries.
• Support internal audits and compliance initiatives by gathering technical evidence.
• Participate in risk assessments, vendor reviews, and architecture design discussions.

Requirements

• Bachelor’s degree in cybersecurity, information systems, computer science, or a related field.
• Experience in security operations, information security, or a related technical role.
• Foundational understanding of security operations, including monitoring, incident response, and vulnerability management.
• Familiarity with SIEM platforms (Splunk preferred), EDR solutions, and vulnerability management tools.
• Understanding of network security principles, including segmentation, firewall management, VPN technologies, and traffic analysis.
• Experience with Windows and Linux system administration and hardening practices.
• Awareness of common attack frameworks such as MITRE ATT&CK and prevalent adversary techniques.
• Strong analytical and problem-solving skills with high attention to detail.

Preferred Qualifications

• Relevant certifications such as Splunk, Security+, CySA+, BTL1, PSAA, or AWS Cloud Practitioner.
• Experience supporting hybrid and cloud environments.

Benefits

• 15 days of vacation and 9 paid holidays.
• 3 floating holidays and 2 paid volunteer days.
• Various 401(k) investment options with company match.
• HMO and PPO medical care options.
• Covered parking and EV charging stations.

Work Authorization

Applicants must be authorized to work in the United States on a full-time basis without the need for employer sponsorship. Sponsorship for new or existing employment visas is not available at this time.