Information Security Analyst

Apidel Technologies

Remote

JOB DETAILS
JOB TYPE
Contractor
SKILLS
Analysis Skills, Best Practices, Business impact analysis (BIA), Communication Skills, Computer Hacking, Computer Networks, Computer Security, Desktop PC, Documentation, Electricity, Email Security, Email Technology, Endpoint Security, Establish Priorities, Financial Trend Analysis, Firewalls, Government Organizations, ISO (International Organization for Standardization), Information Technology & Information Systems, Information/Data Security (InfoSec), Intrusion Detection Systems, Intrusion Prevention Systems, Linux Operating System, Machine Tool, Malware, Metasploit, Microsoft Product Family, Microsoft Windows Azure, Microsoft Windows Operating System, NMap, Nessus, Network Security, Office Equipment, Operational Support, Phishing, Physical Demands, Presentation/Verbal Skills, Privacy Controls, Research Skills, Risk, Risk Analysis, Risk Management, Security Analysis, Security Auditing, Security Infrastructure, Security Monitoring, Splunk, Strategic Planning, Support Documentation, Systems Administration/Management, Systems Analysis, TCP/IP (Transmission Control Protocol/Internet Protocol), Technical Support, Trend Analysis, U.S. National Institute of Standards and Technology (NIST), United States Citizen, Viruses, Vulnerability Scanners, Willing to Travel, Writing Skills
LOCATION
Remote
POSTED
30+ days ago

Job Title: Information Security Analyst - 100% Remote (Dallas, TX) - Candidate already selected
Location: 100% Remote (Dallas, TX)
Schedule: Core business hours are Central Time (CST), 8:00 AM - 5:00 PM. Position may occasionally require work outside these hours, including evenings and weekends.

Employment Status: Temporary to Permanent
Travel: Limited travel required after conversion to full time
Work Authorization: U.S. citizenship required. No sponsorship provided.

Key requirements:

Security monitoring and alert triage: Hands-on experience reviewing, prioritizing, and triaging alerts from SIEMs (e.g., Splunk, QRadar, Microsoft Sentinel), EDR/anti-malware tools (e.g., CrowdStrike, Microsoft Defender), and other security/log sources; able to distinguish true incidents from false positives and escalate appropriately.
Enterprise environment experience: Prior experience supporting security operations in a large, distributed enterprise (remote workforce and global partners), including working with multiple time zones and varied IT stacks.
Network and/or server security fundamentals: Strong practical knowledge of computer networking and/or server administration best practices (TCP/IP, firewalls, IDS/IPS, Windows/Linux hardening); able to interpret network and host logs to support investigations.
Pentesting / ethical hacking familiarity: Familiarity with pentesting tools, techniques, and reports (e.g., Nmap, Burp Suite, Metasploit); interest in offensive security approaches and the ability to interpret pentest findings to support remediation.
Vulnerability assessment and impact analysis: Ability to read vulnerability reports, assess severity and business impact, and recommend or validate remediation steps; experience with vulnerability scanners (e.g., Nessus, Qualys).

Job Description
The Information Security Analyst is responsible for maintaining the confidentiality, integrity and availability of Group IT data and assets. This role combines technical and compliance expertise to create and implement security and privacy controls, policies, and procedures that mitigate risk. The analyst will promote security-privacy governance across the organization, influence technical and non-technical stakeholders, and support the Director of Information Security and CISO objectives.

Primary Responsibilities
Monitor security trends and the emerging threat landscape.
Investigate security incidents including malware infections, data leakage, internal/external network abuse, SPAM/email viruses, phishing attempts, and IDS/IPS alerts.
Document support activities and record incident resolutions.
Serve as a subject matter expert (SME) working with IT and business teams to develop security programs.
Assist with risk assessments for enterprise systems.
Document, audit, and validate security controls; recommend enhancements to systems and devices.
Detect, report, and track vulnerability remediation for internal and Azure-based systems.
Engage with the business to understand requirements and deliver customer-centric security solutions.
Collaborate across teams to improve security and risk posture.
Conduct research and review security standards and systems from an IT security/privacy and governance perspective.
Champion security to end users using a "what's in it for the users" approach.
Contribute to development of security/privacy standards, access controls, and governance requirements for applications, network infrastructure, servers, and workstations.
Develop and maintain accurate security/privacy documentation, diagrams, and records for implemented technologies.
Assist the Director of Information Security with strategic planning to meet team and CISO objectives.
Perform other duties as assigned.

Required Qualifications
Education: Bachelor's degree (required).

Experience:
Minimum 5 years of IT experience.
Minimum 3 years of direct security-related experience.
Broad experience with server, desktop, and networking technologies.
Linux experience is an asset but not mandatory.
Certifications: CISSP or equivalent security certification required/preferred (please confirm).

Technical knowledge:
In-depth expertise in Windows-based desktop and server technologies.
In-depth knowledge of TCP/IP and networking concepts.
Experience with vulnerability management and Azure security controls.

Skills:
Strong critical thinking, analytical and problem-solving skills.
Ability to interact effectively with technical peers and non-technical users.
Excellent verbal and written communication skills.

Preferred / Nice-to-Have
Hands-on experience with Azure security tooling and remediation workflows.
Experience with IDS/IPS systems, email security platforms, and endpoint detection & response (EDR).
Familiarity with security frameworks and governance (e.g., NIST CSF, ISO 27001, CIS controls).

Working Conditions and Physical Demands
Work environment: Primarily remote; occasional travel to offsite locations (up to 20%).
Exposed to electrical hazards: Occasionally (up to 20%).
Handles potentially dangerous equipment: None.

Physical activities:
Sit: Frequently (21% to 50%).
Walk: Frequently (21% to 50%).
Use hands to operate computer and office machinery: Constantly (at least 51%).
Stoop/kneel/crouch occasionally (up to 20%) to access hardware.
Lift up to 10, 25, and 50 pounds occasionally (up to 20%).
Talk/hear: Constantly (at least 51%).

Compliance & Disclaimer
USA (A VEVRAA Federal Contractor) and its affiliated companies are EEO/Disabled/Veterans employers. All qualified candidates will receive consideration for employment without regard to any characteristics protected by law.

Start Time: Core Business Hours - 8 am - 5 pm
End Time: Position may occasionally require work outside these hours, including evenings and weekends.
