Information Security Analyst

Our client's Information Security team is growing, and we are looking for a motivated, detail-oriented, and collaborative Information Security Analyst to join us. We operate in a fast-paced environment where the threat landscape changes daily. A successful candidate thrives in the "calm within the storm, " responding to time-sensitive situations with a balance of speed and precision.

As an Information Security Analyst, you will play an important role in protecting the organization's digital assets, sensitive information, and personnel from the ever-evolving cybersecurity threat landscape. Your primary responsibilities will include leveraging a collection of tools to monitor security events, identify & respond to incidents and security help desk tickets, train end-users in security best practices, and assess risks for new software requests.

Tasks:

• Support the company's Incident Response procedures to facilitate appropriate, timely, and consistent response activities, including containment, investigation, and recovery from security incidents and breaches.
• Triage and respond to security alerts from our Managed Detection & Response (MDR) service, as well as user-reported of suspicious activity and email.
• Assist in developing and enforcing endpoint security policies for device hardening, removable media controls, and encryption standards.
• Collaborate with team members to document incident reports, including root cause analysis and recommendations for improvement.
• Support the development and delivery of security awareness training to meet compliance objectives and strengthen the organization's security posture.
• Conduct routine internal phishing simulations, manage reported suspicious emails, and communicate emerging cybersecurity threats and trends to the client's staff.
• Assist in developing and maintaining standard operating procedures for security-related policies, procedures, and standards, based on industry regulations and best practices.
• Assess new software and technology requests to identify potential security risks and provide actionable recommendations for mitigation.
• Support additional security-related processes and tools as assigned.

Key Qualifications and Skills:

• Bachelor's degree in Computer Science, Information Security, or related field or equivalent work experience.
• 2-3 years of experience working in an Information Security focused role, preferably within an organization that has rigorous regulatory requirements and security standards.
• Hands-on experience working in a SOC or Security Incident Response team, with core responsibilities focused on security event monitoring and incident response.
• Strong critical-thinking and problem-solving skills, with the ability to identify, assess, and mitigate risks.
• Collaborative, accountable, and adaptable; able to work effectively in a team or independently.
• Excellent verbal and written communication skills, with the ability to translate technical risks to non-technical staff.
• A strong willingness to learn, adapt, and grow within the cybersecurity field.
• Ability to work with Systems Engineering to install, configure, and troubleshoot security applications.
• Relevant Security Certifications such as CompTIA Security +, CompTIA CySA+, (ISC)2 SSCP, or GIAC Security Essentials (GSEC).
• Experience conducting and supporting security awareness training programs.
• Experience securing hybrid (Cloud & on-premises) environments with mixed Operating Systems.
• Experience supporting vulnerability remediation programs, including remediation tracking and coordination with system owners.
• Exposure to identity and access management (IAM) concepts or tools.
• Familiarity with a scripting language (e.g., PowerShell, Python) for task automation or log analysis.