Information Security Analyst

About The Position

Requirements

• Bachelor’s degree in information security, cybersecurity, or a related field
• Professional IT certifications relating to IT Security or Cloud Security, such as Security+, Cloud+, GIAC Security Essentials, AZ-500, Certified Information Systems Security Professional (CISSP), or other relevant security certifications.
• Solid understanding of incident response methodologies, tools, and frameworks
• Excellent problem-solving skills and the ability to think critically under pressure
• Strong communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders

Nice To Haves

• Familiarity with cloud security concepts and best practices for securing cloud environments (AWS, Azure)
• Knowledge of web standards relating to APIs (OAuth, SSL, CORS, JWT, etc.)
• Experience with IAM / Modern Authentication / Identity tooling
• Familiarity with query languages, advanced queries, and penetration testing tools
• Knowledge of the MITRE ATT&CK framework or NIST Cyber Security Framework (CSF)

Responsibilities

• Analyzing cloud infrastructure to understand and communicate risks, concerns, and outcomes of decisions
• Reviewing, updating, and managing Web Application Firewalls
• Implementing role-based access control (RBAC), conditional access policies and enforcing multi-factor authentication (MFA) for enhanced security.
• Accountable for tracking application vulnerabilities through security tools and meeting with development teams to formulate remediation plans
• Build automation to actively audit the infrastructure for security misconfigurations by using cloud-native policies/scripts
• Design and implement secrets management solutions in cloud environments, including hands-on experience in building out systems utilizing tools such as AWS Secrets Manager or Azure Key Vault
• Conduct thorough investigations of security incidents to determine the root cause and impact
• Proactively identify potential security vulnerabilities and weaknesses in the system and recommend appropriate remediation actions
• Participate in tabletop exercises and simulations to test and improve incident response plans
• Prepare detailed incident reports, documenting the findings, actions taken, and lessons learned

Benefits

• Exceptional Retirement Plan: 2-to1- company match on up to 4% of eligible compensation (salary + bonus) and additional profit-sharing contribution.
• Comprehensive Health Coverage: Low-cost medical, dental, and vision insurance options.
• Time Off: Personal leave, flexible scheduling, floating holidays, and half-day Fridays.
• Financial Wellness: Student loan matching in our 401(k), and performance-based bonuses.
• Professional Development: Tuition reimbursement and extensive internal training programs.
• Family-Friendly Benefits: New Parent Leave, family building benefits, and childcare resources.