INFORMATION SECURITY ANALYST II (11706)

Cullman Regional, Cullman, AL (Onsite)

About The Position

Security Monitoring & Incident Response

  • Monitor SOC, IDS/IPS/NDR, endpoint protection, and cloud security tools for suspicious activity.
  • Investigate security alerts, determine root cause, and recommend remediation.
  • Lead response efforts for moderate‑complexity security incidents.
  • Escalate critical or advanced threats to manager and director.

Threat Analysis & Vulnerability Management

  • Conduct vulnerability scans and coordinate remediation actions with system owners.
  • Analyze threat intelligence sources to identify new risks relevant to the organization.
  • Assist in tracking and reducing the organization’s overall risk exposure.

Security Engineering & Controls

  • Support the configuration and tuning of security tools (e.g., SIEM, EDR, firewalls, DLP).
  • Maintain and improve security monitoring use cases, dashboards, and correlation rules.
  • Review system and application logs for indicators of compromise.

Governance, Compliance & Documentation

  • Ensure adherence to security policies, procedures, and regulatory requirements (e.g., PCI‑DSS, HIPAA, NIST).
  • Produce accurate incident reports, metrics, and documentation.
  • Participate in internal and external security audits.

Collaboration & Support

  • Work closely with IT teams to strengthen security posture and ensure proper implementation of controls.
  • Assist with security awareness initiatives when needed.

Requirements

  • Bachelor's degree in computer science, information systems or related field required.
  • 2–4+ years of experience in cybersecurity, SOC operations, or related IT security roles.
  • Knowledge of network security, threat detection, and security operations processes.
  • Hands‑on experience with SOC tools (e.g., Splunk, Microsoft Sentinel, QRadar), EDR platforms, or vulnerability scanners.
  • Familiarity with common attack vectors and frameworks (MITRE ATT&CK, Cyber Kill Chain).
  • Strong analytical and problem‑solving skills.

Nice To Haves

  • Relevant certifications such as Security+, CySA+, CEH, GSEC, or Azure/AWS security certifications.
  • Experience working in hybrid cloud environments (Azure, AWS, M365).
  • Background in scripting or automation (PowerShell, Python, etc.).
