Information Security Analyst

Kimley-HornDurham, NC
1dOnsite

About The Position

Kimley-Horn is looking for an Information Security Analyst to join our Durham, North Carolina (NC) office! This is not a remote position. As an Information Security Analyst, you will play a critical role in ensuring the security of our organization's technology infrastructure and assets. You will be responsible for ensuring the security of our cloud infrastructure and applications, as well as identifying and mitigating security risks.

Requirements

  • Bachelor’s degree in information security, cybersecurity, or a related field
  • Professional IT certifications relating to IT Security or Cloud Security, such as Security+, Cloud+, GIAC Security Essentials, AZ-500, Certified Information Systems Security Professional (CISSP), or other relevant security certifications.
  • Solid understanding of incident response methodologies, tools, and frameworks
  • Excellent problem-solving skills and the ability to think critically under pressure
  • Strong communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders

Nice To Haves

  • Familiarity with cloud security concepts and best practices for securing cloud environments (AWS, Azure)
  • Knowledge of web standards relating to APIs (OAuth, SSL, CORS, JWT, etc.)
  • Experience with IAM / Modern Authentication / Identity tooling
  • Familiarity with query languages, advanced queries, and penetration testing tools
  • Knowledge of the MITRE ATT&CK framework or NIST Cyber Security Framework (CSF)

Responsibilities

  • Analyzing cloud infrastructure to understand and communicate risks, concerns, and outcomes of decisions
  • Reviewing, updating, and managing Web Application Firewalls
  • Implementing role-based access control (RBAC), conditional access policies and enforcing multi-factor authentication (MFA) for enhanced security.
  • Accountable for tracking application vulnerabilities through security tools and meeting with development teams to formulate remediation plans
  • Build automation to actively audit the infrastructure for security misconfigurations by using cloud-native policies/scripts
  • Design and implement secrets management solutions in cloud environments, including hands-on experience in building out systems utilizing tools such as AWS Secrets Manager or Azure Key Vault
  • Conduct thorough investigations of security incidents to determine the root cause and impact
  • Proactively identify potential security vulnerabilities and weaknesses in the system and recommend appropriate remediation actions
  • Participate in tabletop exercises and simulations to test and improve incident response plans
  • Prepare detailed incident reports, documenting the findings, actions taken, and lessons learned

Benefits

  • Exceptional Retirement Plan: 2-to1- company match on up to 4% of eligible compensation (salary + bonus) and additional profit-sharing contribution.
  • Comprehensive Health Coverage: Low-cost medical, dental, and vision insurance options.
  • Time Off: Personal leave, flexible scheduling, floating holidays, and half-day Fridays.
  • Financial Wellness: Student loan matching in our 401(k), and performance-based bonuses.
  • Professional Development: Tuition reimbursement and extensive internal training programs.
  • Family-Friendly Benefits: New Parent Leave, family building benefits, and childcare resources.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service