Senior Information Security Analyst

Description

We are seeking a dedicated Information Security Analyst to join our team at our Danbury facility. In this hands-on role, you will play a crucial part in safeguarding our data across both on-premises and cloud-based applications. If you are passionate about security, have a strong technical background, and enjoy tackling technical challenges from start to finish, we would love to hear from you.

Key Responsibilities

• Implement Security Controls: Apply the Center for Internet Security (CIS) Controls framework to maintain strong security protocols and procedures.
• Manage Security Measures: Develop and manage security measures for information systems to prevent breaches, detect vulnerabilities, and manage risk.
• Conduct Audits: Perform regular system audits to ensure adherence to security standards.
• Leverage AI: Utilize AI in data security and protection strategies.
• Collaborate: Work with IT teams to integrate security practices into the development lifecycle.
• Educate: Provide training and guidance to IT staff on cybersecurity best practices.
• Stay Updated: Keep up with the latest cybersecurity trends and technologies.
• Review Security Plans: Assist with updating and reviewing the System Security Plan (SSP).
• Develop Controls: Create and implement controls such as firewalls, encryption, and vulnerability scanning, and advise on configurations for various security tools.
• Evaluate and Remediate: Assess, categorize, and address security events and vulnerabilities before they escalate.
• Enhance Security: Identify security gaps and propose enhancements to security controls.
• Participate in Projects: Engage in cybersecurity projects to ensure timely delivery and alignment with information protection requirements.
• Maintain Relationships: Collaborate with Managed Security Services Providers.
• Manage Vulnerabilities: Oversee vulnerability management, including categorizing, evaluating risk, and implementing remediation.
• Patch Management: Handle patch management for servers and endpoints.
• On-Call Support: Participate in an on-call rotation for emergency events, including outages and cyber incidents.
  
  

Qualifications

• Education: Bachelor's degree in Information Technology, Compliance, Information Management, Infrastructure, or Information Security.
• Experience: 5 to 7 years of relevant work experience.
• Technical Skills:
• Proficiency with Rapid7 and NextGen AV systems.
• Hands-on experience with AI models and information security frameworks (e.g., CIS Framework, NIST).
• Working knowledge of network technologies (switches, routers, firewalls, VPN), and security tools (DLP, antivirus, SIEM, etc.).
• Experience with cloud security (AWS, Google Cloud Platform, or Azure) and identity access management systems (IAM).
• Familiarity with HIPAA and FDA regulated environments is preferred.
• Skills:
• Strong analytical skills and experience in Cybersecurity, Information Systems, or related disciplines.
• Ability to propose and implement solutions for closing vulnerabilities.
• Experience with SIEM, configuration management, and vulnerability scanning.
  

What We Offer

• A dynamic work environment with a mix of onsite and remote flexibility.
• Opportunities for professional growth and development.
• A collaborative team culture focused on innovation and security excellence.
  
  

Employment Type: Full-Time