Information Security Analyst

About

This is a remote role from anywhere in the US

NEOGOV is a fast-growing SaaS leader in the Public Sector with a mission to serve the people who serve the people . Our clients use our software to manage their employee lifecycle from hire to retire by streamlining processes in our centralized platform. We are passionate about technology, focused on customer success, and have an entrepreneurial environment where innovation is encouraged and rewarded. NEOGOV is one of the top 50 fastest growing private software companies in the U.S. — Sound like a company you'd like to join? We are looking for top talent to make significant contributions to our products, technology, and customers.

We are seeking a highly skilled and motivated Information Security Analyst to join our dynamic team and play a crucial role in safeguarding our organization's digital assets. As an Information Security Analyst, you will be responsible for maintaining security questionnaire automation and tracking vulnerabilities and risks across the organization. You will also be responsible for creating and maintaining an information system data map that provides a comprehensive overview of all critical sources of data within the organization. You will collaborate with various departments to implement effective security measures and ensure compliance with industry standards and regulations.

NEOGOV is committed to furthering the careers of our employees. This position is designed as a stepping stone to gather Information Security experience. Core Duties listed below are a short list but the individual will be able to dive into a variety of security focused tools.

Join our team as an Information Security Analyst, and help protect our organization from cyber threats while ensuring the confidentiality, integrity, and availability of our critical data and systems.

What You Will Do

Security Monitoring and Analysis:

• Monitor networks and systems for security breaches, utilizing software and tools to identify vulnerabilities.
• Analyze security alerts and determine the appropriate course of action.
  
  

Incident Response:

• Respond to security incidents promptly, mitigating damage and protecting data.
• Document incidents, response actions, and maintain an incident response plan.
  
  

Vulnerability Management:

• Conduct regular vulnerability assessments and penetration tests.
• Collaborate with IT teams to remediate identified vulnerabilities.
  
  

Security Tools Management:

• Administer and maintain security tools and technologies, such as firewalls, intrusion detection/prevention systems, and antivirus software.
• Keep security systems updated and properly configured to ensure optimal protection.
  
  

Policy and Compliance:

• Assist in the development and enforcement of security policies, standards, and guidelines.
• Ensure compliance with relevant legal and regulatory requirements (e.g., NIST, FedRAMP, SOC2, CJIS, HIPAA).
  
  

Risk Remediation:

• Collaborate with IT and development teams to ensure prompt and effective remediation of identified vulnerabilities.
• Provide actionable recommendations and best practices to address security gaps and improve the overall security posture.
• Monitor the progress of vulnerability remediation efforts and verify that the identified risks are appropriately addressed.
  
  

Training and Awareness:

• Conduct security training and awareness programs for employees.
• Promote best practices in cybersecurity across the organization.
  
  

Reporting:

• Prepare reports that document security threats, response actions, and compliance status.
• Provide recommendations to enhance security posture based on analysis and findings.
  
  

Research and Innovation:

• Stay up-to-date with the latest cybersecurity trends, threats, and best practices.
• Participate in continuous improvement initiatives to enhance security processes and technologies.
  
  

Who You Are

• Strong problem solver with excellent communication skills
• Have s trong analytical skills and attention to detail
• Innovative and passionate about your work
• Excellent team player
  
  

What You Have

• Bachelor’s degree in Information Technology, Computer Science, or related field.
• Minimum 2 years of experience in information security or related IT roles.
• Proficiency in network security and network monitoring tools.
• Proven experience in information security analysis, vulnerability management, and risk assessment.
• Experience with security frameworks and standards, such as NIST, SOC2, FedRAMP, ISO 27001.
• Relevant certifications preferred (e.g., CISSP, CISM, CompTIA Security+, PenTest+).
  
  

Preferred Skills:

• Experience with security platforms (Crowdstrike, Elastic Security, Splunk, Tenable, Burpsuite).
• Familiarity with data access controls, encryption, and data loss prevention (DLP) techniques.
• Familiarity with scripting or programming languages for automation tasks.
• Knowledge of data privacy regulations.
  
  

What NEOGOV Offers

• Competitive Wages
• Comprehensive Benefits package (medical, dental, vision, etc.) for full-time employees effective Day 1
• Generous PTO to support work-life balance
• 401K Matching
• 12-week Paid Parental Leave
• Autonomy to grow and find your career path with supportive leadership
• Company provided lunches and a kitchen fully stocked with snacks and drinks in the Draper office.
• Inclusive and diverse work environment
  
  

NEOGOV does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factors.