Role Summary:
The Security Analyst supports the organization’s security, identity, and IT operations by monitoring systems, responding to security events, managing access controls, and assisting with day-to-day security and IT initiatives. This role works closely with the Manager of Information Security, Compliance & IT to strengthen the company’s security posture, support compliance requirements, and ensure reliable and secure IT operations as the organization scales.
This position is ideal for a technically curious, hands-on analyst who wants exposure to cloud security, SaaS environments, compliance frameworks, and real-world security operations.
Key Responsibilities:
Security Operations (SecOps)
- Monitor security alerts and logs from security tools (SIEM, EDR, cloud security platforms)
- Triage, investigate, and escalate security events and incidents
- Assist with incident response activities, evidence collection, and post-incident reviews
- Support vulnerability management activities, including scan reviews and remediation tracking
- Help maintain detection rules, alerts, and operational runbooks
Identity & Access Management (IAM)
- Manage user lifecycle processes (onboarding, offboarding, role changes)
- Administer identity platforms (e.g., Google Workspace, cloud IAM, SSO providers)
- Enforce least-privilege access and role-based access controls
- Review and certify user access on a recurring basis
- Assist with MFA enforcement and access exception tracking
IT & Endpoint Operations
- Support endpoint management activities (macOS, Windows, mobile devices)
- Assist with endpoint security tooling (EDR, MDM, disk encryption, patching)
- Help troubleshoot user access, authentication, and device-related issues
- Maintain asset inventories and assist with IT documentation
Compliance & Governance Support
- Assist with compliance evidence collection (SOC 2, ISO 27001, PCI DSS, etc.)
- Support audit preparation and remediation activities
- Help maintain security documentation, procedures, and internal standards
- Participate in tabletop exercises and security drills
Continuous Improvement
- Identify opportunities to automate security and IT workflows
- Contribute to improving security monitoring, IAM processes, and operational efficiency
- Stay current on security threats, best practices, and tooling
Required Qualifications:
Technical Skills
- 2–4 years of experience in information security, IT operations, or a related role
- Hands-on experience with IAM concepts (SSO, MFA, RBAC, least privilege)
- Familiarity with security operations concepts (SIEM, EDR, alert triage)
- Basic understanding of cloud platforms (GCP, AWS, or Azure)
- Experience supporting macOS and/or Windows endpoints
Security Knowledge
- Understanding of common security frameworks and standards (SOC 2, ISO 27001, NIST, PCI)
- Familiarity with incident response and vulnerability management concepts
- Awareness of common attack techniques and security controls
Soft Skills
- Strong analytical and problem-solving skills
- Clear written and verbal communication
- Ability to prioritize tasks and manage multiple workstreams
- Comfortable working in a fast-paced, evolving environment
- Curious mindset with a desire to learn and grow in security
Nice-to-Have Qualifications
- Experience with Google Workspace administration
- Exposure to SIEM tools (e.g., Chronicle, Splunk, QRadar)
- Experience with endpoint management tools (Intune, Jamf, or similar)
- Scripting or automation experience (Bash, Python)
- Security certifications (Security+, SSCP, Google/AWS certifications)
Why This Role Matters:
- Directly supports the organization’s security posture and compliance commitments
- Provides hands-on exposure to real security operations and cloud environments
- Offers mentorship and growth under experienced security leadership
- Opportunity to grow into senior security, cloud security, or GRC roles
CompensationUSD $70k-$80k
