Our client's Information Security team is growing, and we are looking for a motivated, detail-oriented, and collaborative Information Security Analyst to join us. We operate in a fast-paced environment where the threat landscape changes daily. A successful candidate thrives in the "calm within the storm," responding to time-sensitive situations with a balance of speed and precision.
As an Information Security Analyst, you will play an important role in protecting the organization's digital assets, sensitive information, and personnel from the ever-evolving cybersecurity threat landscape. Your primary responsibilities will include leveraging a collection of tools to monitor security events, identify & respond to incidents and security help desk tickets, train end-users in security best practices, and assess risks for new software requests.
Tasks:
- Support the company's Incident Response procedures to facilitate appropriate, timely, and consistent response activities, including containment, investigation, and recovery from security incidents and breaches.
- Triage and respond to security alerts from our Managed Detection & Response (MDR) service, as well as user reports of suspicious activity and email.
- Assist in developing and enforcing endpoint security policies for device hardening, removable media controls, and encryption standards.
- Collaborate with team members to document incident reports, including root cause analysis and recommendations for improvement.
- Support the development and delivery of security awareness training to meet compliance objectives and strengthen the organization's security posture.
- Conduct routine internal phishing simulations, manage reported suspicious emails, and communicate emerging cybersecurity threats and trends to the client's staff.
- Assist in developing and maintaining standard operating procedures for security-related policies, procedures, and standards, based on industry regulations and best practices.
- Assess new software and technology requests to identify potential security risks and provide actionable recommendations for mitigation.
- Support additional security-related processes and tools as assigned.
Key Qualifications and Skills:
- Bachelor's degree in Computer Science, Information Security, or related field or equivalent work experience.
- 2-3 years of experience working in an Information Security focused role, preferably within an organization that has rigorous regulatory requirements and security standards.
- Hands-on experience working in a SOC or Security Incident Response team, with core responsibilities focused on security event monitoring and incident response.
- Strong critical-thinking and problem-solving skills, with the ability to identify, assess, and mitigate risks.
- Collaborative, accountable, and adaptable; able to work effectively in a team or independently.
- Excellent verbal and written communication skills, with the ability to translate technical risks to non-technical staff.
- A strong willingness to learn, adapt, and grow within the cybersecurity field.
- Ability to work with Systems Engineering to install, configure, and troubleshoot security applications.
- Relevant Security Certifications such as CompTIA Security+, CompTIA CySA+, (ISC)2 SSCP, or GIAC Security Essentials (GSEC).
- Experience conducting and supporting security awareness training programs.
- Experience securing hybrid (Cloud & on-premises) environments with mixed Operating Systems.
- Experience supporting vulnerability remediation programs, including remediation tracking and coordination with system owners.
- Exposure to identity and access management (IAM) concepts or tools.
- Familiarity with a scripting language (e.g., PowerShell, Python) for task automation or log analysis.