Security Analyst (Remote)

We are currently looking for a high-powered Security Analyst to join our team!

The Information Security Analyst provides support and guidance on enterprise-wide security operations, solutions and architecture internally during the lifecycle of IT systems for the purpose of threat and vulnerability management. This role will be focused on the support of our security operations and technology as it pertains to our EDR Platform, security event assessments, network infrastructure, system monitoring, PCI DSS compliance, and regulatory compliance. Documentation, technical aptitude and knowledge growth are key components of this role.

This position reports to the Director, Information Security and is fully remote, requiring home office space. 

YOUR DAY-TO-DAY:

• Assist in the support and documentation of EDR, SIEM and network security and monitoring solutions, including operational processes 

• Support security and technology operations to maintain the security of deployed systems  

• Support the operation of vulnerability scanning 

• Analyze and correlate security logs generated by EDR, IDS/IPS systems, firewalls, network flow/packet capture systems, and other security logging sources for any new tools 

• Monitoring and automation of SIEM and SOAR technology’s alerting via various messaging and ticketing platforms 

• Provide support for Security Operations and Incident Response 

YOU'LL BRING:

• Knowledge of endpoint security technologies; e.g., SentinelOne EDR, IAM, HIPS, FIM, DLP, etc. 

• Operational experience with security logging, event correlation, SIEM, and security automation using Python and/or other automation methods 

• Knowledge of TCP/IP, the OSI model, DNS, HTTP, VPN, routing & switching, WAF, and load balancer technologies for virtual and physical networks 

• Knowledge of threats to include common attack vectors, methodologies and payloads/exploits 

• Ability to troubleshoot complex networks 

• Ability to administer and analyze existing security solutions, e.g., firewalls, WAFs, DLP, IDS/IPS, and malware detection, packet capture and analysis tools, etc. 

• Operational experience with securing virtual and AWS cloud-based environments 

• Knowledge of secure configuration management, system hardening, and ZTNA practices 

• Knowledge of Information Security programs aligned with security policies, standards, and procedures 

• Knowledge of forensic chain of custody practices and Incident Response activities 

• Working knowledge of ITIL including incident, problem, and change management 

ADDITIONAL REQUIREMENTS:

• AA/AS combined with 2+ years of overall information security and technology operations experience  

• Information security industry recognized certification(s) highly recommended – GSEC, Security+ 

• Curious, inquisitive, innovative, lifelong learner and self-starter 

• Strong documentation and communication skills 

• Clear on responsibilities yet flexible and willing to “carry water” during times of ambiguity 

• Able to effectively give, receive, and respond to feedback