Security Analyst
Location
United States
Posted
3 days ago
Salary
0
Seniority
Mid Level
Job Description
Security Analyst
iT1
Role Description As a Cybersecurity Analyst, you are expected to have a strong technical background in security operations, threat detection, and incident response. This role is responsible for protecting both internal and customer environments while serving as a key operational interface with Managed Detection and Response (MDR) partners. You will contribute to the maturity and scalability of security operations by building processes, developing runbooks, and enabling internal teams to consistently and effectively respond to security events. Key Responsibilities - Threat Monitoring and Incident Response: - Monitor security tools and platforms for suspicious activity and potential threats. - Investigate and triage alerts, respond to incidents, and document findings, root cause, and remediation actions. - MDR Customer and Partner Interface: - Serve as the primary operational interface between customers, MDR providers, and internal teams for security events and escalations. - Coordinate incident response activities across MDR partners and internal teams. - Communicate security incidents, risks, and remediation status to customers. - Participate in incident reviews, RCA discussions, and customer meetings. - Ensure MDR services align with customer SLAs and contractual requirements. - Escalate critical risks and ensure timely resolution across stakeholders. - Vulnerability and Risk Management: - Perform vulnerability assessments and coordinate remediation activities across environments. - Identify and prioritize risks and recommend mitigation strategies to internal leadership and customers. - Security Operations and Tooling: - Maintain and tune security tools including SIEM, EDR, firewalls, and intrusion detection/prevention systems. - Analyze logs and telemetry to identify threats and improve detection capabilities. - Process Development and Runbooks: - Develop and maintain security operations processes, SOPs, and incident response runbooks to support consistent and scalable service delivery. - Create repeatable workflows for incident detection, escalation, and remediation. - Continuously refine playbooks based on lessons learned and threat intelligence. - Support onboarding of new customers by defining operational procedures. - Training and Enablement (Help Desk & Infrastructure): - Partner with Help Desk and Infrastructure teams to build security awareness and operational readiness. - Deliver training on security tools, processes, and escalation procedures. - Enable teams to identify, triage, and escalate security events appropriately. - Provide ongoing guidance to improve cross-team collaboration and response effectiveness. - Governance, Compliance, and Documentation: - Support development and enforcement of security policies, standards, and procedures. - Participate in audits and maintain documentation aligned to frameworks such as ISO 27001, NIST, SOC 2, and CMMC. - Continuous Improvement: - Stay current with emerging threats, vulnerabilities, and industry trends. - Recommend and implement improvements to strengthen security posture across internal and customer environments. Qualifications - 2+ years of experience in cybersecurity, SOC operations, or managed security services. - Experience working with MDR providers or managed security environments. - Strong understanding of incident response processes and threat detection. - Experience developing documentation, runbooks, or operational processes. - Ability to communicate technical security issues to both technical and non-technical audiences. - Experience with Microsoft Security tools, CrowdStrike, Palo Alto, SentinelOne. - Strong analytical, problem-solving, and organizational skills. - Ability to manage multiple priorities and respond effectively under pressure. Preferred Certifications - CompTIA Security+ - CompTIA CySA+ - Certified Ethical Hacker (CEH) - GIAC (GSEC, GCIH) - Microsoft Security Certifications (preferred) Physical Demands - Sit at a computer for 8 hours per day. - Keyboarding for 8 hours per day. - Near Vision (working with small objects or reading small print). - Speaking (communicating information to clients/coworkers). - Hearing Requirements (In person speech, telephone, other sounds). Benefits - Medical, dental, and vision benefits with highly subsidized premiums. - Two weeks paid time off in your first year, with increasing PTO as tenure increases, and most major holidays off. - 401(k) Plan with employer match. - Onsite Fitness Center. - Onsite Monthly Massages.
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Principal Security Analyst – Special Projects
Domino Data LabThe Enterprise MLOps platform powering over 20% of the Fortune 100
• Transform vulnerability management across functions • Create technical collateral for Sales and Client Management • Tackle complex technical problems with strategic insight
• Maintain relationships with customers and internal stakeholders and control owners alike; • Manage customer questionnaires, RFx and security assessments; • Evaluate compliance with contractual, regulatory and compliance requirements; • Help manage the compliance and audit platform, working with system owners to implement automated evidence collection and validation to ease the customer audit lifecycle.
Security Analyst
Navia Benefit Solutions, Inc.One-stop shop for consumer-directed benefit solutions with great customer service.
• We are seeking a Security Analyst with an emphasis on fraud research to join our Information Security team. • This role is responsible for identifying, researching, and helping mitigate computer-based and non-computer-based fraudulent activity across the organization. • The analyst will support the investigation of suspicious activity, review trends and patterns that may indicate fraud risk, and help strengthen internal controls through monitoring, analysis, documentation, and reporting. • This position works closely with the Director of Information Security and cross-functional business partners to support fraud prevention efforts, incident response, and risk management activities.
Senior Compliance Analyst, Security GRC
HylandEstablished in 1991, Hyland is a software and technology development company that has grown into one of the largest independent enterprise content management (ECM) vendors in the U
Role Description The Senior Security Compliance GRC Analyst leads complex audits and regulatory assessments, providing subject matter expertise in frameworks such as SOC 2, ISO 27001, FedRAMP, ENS, and Cyber Essentials. This role improves control design, harmonizes evidence practices, and guides corrective action plans — while mentoring junior analysts and partnering with cross-functional teams to mature the organization's compliance posture and reduce recurring audit gaps through regular external audit integration. - Lead complex internal and external audits, coordinating cross-functional participation and ensuring timely, accurate evidence delivery; serve as a subject matter expert on one or more compliance frameworks including SOC 2, ISO 27001, HIPAA, FedRAMP, and PCI. - Design and execute control testing plans, evaluating control effectiveness and documenting observations or gaps; drive remediation workflows by partnering with system owners to define action plans and confirm closure. - Develop and maintain compliance documentation including system security plans, control narratives, and audit-ready evidence libraries; prepare and maintain comprehensive records of compliance activities including risk assessments, audit reports, and regulatory filings. - Support harmonization of control frameworks by mapping controls and evidence across multiple regulations and standards; identify process and control improvement opportunities, recommending updates that enhance efficiency and reduce audit friction. - Project manage compliance audits including evidence collection and gap analysis; mentor junior analysts in audit readiness, evidence preparation, and control testing methodologies. - Mentor, coach, train, and provide feedback to other team members; may provide feedback to leadership on the technical abilities of the team. Qualifications - Bachelor's degree or equivalent work experience, with 3–5 years of experience in compliance, risk management, internal audit, or regulatory affairs. - Knowledge of regulatory frameworks such as SOC, ISO 27001, NIST 800-53, FedRAMP, SOX, HIPAA, GDPR, or FAR/DFARS. - Strong data gathering, interviewing, analytical, and problem-solving skills; strong knowledge of security risk assessment techniques, risk scoring models, and risk impact analysis. - Strong oral and written communication skills with a professional demeanor; strong facilitation, project management, and interpersonal skills with the ability to maintain professionalism across all levels of the organization. - Strong collaboration skills applied successfully within a team and across all levels of employees; demonstrated ability to influence, motivate, and mobilize team members and business partners. Requirements - Experience in a government-regulated industry such as healthcare, finance, defense, or technology. - Cloud security and/or AI GRC certifications. - Strong data analysis knowledge using tools such as Excel, SQL, or statistical software packages. - Strong knowledge of Microsoft Operating Systems, products, and advanced Microsoft Excel skills. - Self-motivated with the ability to manage projects to completion with minimal oversight in a fast-paced, deadline-driven environment; strong attention to detail with the ability to handle sensitive information with discretion and tact. Benefits - Career development resources. - Wellbeing programs. - Innovation practices.
