In neighborhoods and communities everywhere, we deliver the promise of home.
Senior IT Security Analyst
Location
United States
Posted
4 days ago
Salary
$82.5K - $118.3K / year
Seniority
Senior
Job Description
Senior IT Security Analyst
Guild Mortgage
• Serves as the first line of security alert escalation and guidance for IT Security Analysts. • Performs essential duties with minimal supervision for one or multiple areas of the IT Security Program such as vulnerability management, security awareness, threat intelligence, etc. • Monitor data activity and investigate alerts related to data exfiltration, inappropriate access, and policy violations. • Investigate security incidents involving sensitive data, including unauthorized access and data leakage. • Partner with the Incident Response team to contain, remediate, and document data-related incidents. • Develop and maintain runbooks for data protection incident handling and escalation. • Works closely with IT Security Engineers to draft runbooks, tune alerts, collaborate on escalations, and generate ideas for new alerting. • Acts as lead for small projects by IT Security Manager and/or Director as needed. • Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls, and host-based security systems. • Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources. • Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization. • Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity. • Reviews alerts and data from sensors, and documents formal, technical incident reports. • Works with threat intelligence and/or threat-hunting teams. • Provides network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary. • Works with security information and event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts. • Correlates network, cloud, and endpoint activity across environments to identify attacks and unauthorized use. • Researches emerging threats and vulnerabilities to aid in the identification of incidents. • Supports network vulnerability scans, security audits, and risk assessments and provides feedback to ensure compliance with corporate security policies and adherence to industry best practices. • Provides users with incident response support, including mitigating actions to contain activity, and facilitating forensics analysis when necessary. • Performs security standards testing against computers before implementation to ensure security.
Job Requirements
- A combination of education and experience may be considered in lieu of the Bachelor’s degree.
- Minimum four years' experience in IT Audit and/or Enterprise Risk Management, or as a Penetration Tester, Red Team/Incident Responder, Junior Security Operations Analyst, Security Coordinator and/or related required.
- Certifications are highly desired such as: Security+, SSCP, CISSP or other IT security certifications.
- Familiarity with risk assessment and risk management concepts or processes.
- Working knowledge of various regulatory security requirements – particularly Sarbanes-Oxley (SOX), GLBA, and CCPA.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- Ability to effectively influence others to modify their opinions, plans, or behaviors.
- Good understanding of organizational mission, values, goals, and consistent application of this knowledge.
- Strong problem-solving and troubleshooting skills.
- Ability to collaborate and maintain a working relationship with stakeholders at all levels and roles in the company.
- Excellent verbal and written communication skills required.
- Highly organized and detail-oriented; ability to work in a fast-paced, metrics-driven environment required.
- Proficiency in Microsoft Office Suite, Word, Excel, Wiki, collaborative cloud-based programs, and third-party software applications required.
Benefits
- medical
- dental
- vision
- life insurance
- AD&D
- LTD
- 401(k) with employer match
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Cybersecurity Analyst
Davis Wright Tremaine LLPAn Am Law 100 firm. Advancing our clients’ success. Simplifying their most complex challenges.
• Patrol the firm’s networks, review security audits and logs, and regularly verify the cybersecurity controls in place as part of the firm’s Information Security Management System • Participate in assessing the cybersecurity of the firm’s vendors and contractors as well as respond to client reviews of the firm’s cybersecurity posture • Be prepared to respond nimbly and effectively to possible cyber incidents • Provide incident investigation, handling and documentation; and ensure remediation steps timelines are understood • Remain abreast of the latest cybersecurity news, including assessing the implications for the firm’s systems of newly-identified vulnerabilities • Maintain expertise on the evolving tactics, techniques, and procedures of sophisticated malicious cyber actors • Supports cybersecurity awareness program by explaining policies and best practices, developing training materials, and advising users on secure solutions to business problems
• Analyze, maintain, and manage GoodLife security systems to ensure secure production and development environments • Escalate or respond to incidents as required • Involved in audit and compliance processes, and provide reporting for compliance and investigation • Maintain accurate security systems hardware and software inventories • Maintain and update security systems • Review and action on security system reports • Investigate and respond to security system alerts • Run manual scan jobs as required (Asset, Virus, Vulnerability, etc.) • Perform and maintain backups of security system configurations • Create and respond to Helpdesk security tickets as assigned • Assist with security project work as required • Work and collaborate with various vendors and GoodLife partners • Collaborate with T&I operations to implement and deploy new security systems • Involved in the process of selecting security systems • Keep up to date with the latest security trends and news • Daily, Weekly, Monthly review of various reports and scan jobs • Create and maintain security operational documentation
Threat Intelligence Analyst – Global
Vantage Data CentersExperience | Scalability | Efficiency By Design
• Synthesize large volumes of complex, multi-source intelligence into concise, executive-level briefings, ensuring senior leaders can quickly understand key risks, implications, and recommended actions • Conduct advanced open-source intelligence (OSINT) investigations • Monitor, analyze, and track evolving threat trends • Develop and maintain intelligence metrics, KPIs, and performance measures, ensuring intelligence activities are measurable, actionable, and aligned to business objectives • Rapidly translate vague or incomplete intelligence requirements into high-confidence, sourced analytic findings • Assess reputational, geopolitical, and socio-political threats and evaluate how they may materialize and impact the organization and broader industry • Analyze the origin, motivation, intent, and evolution of threat actors and narratives within regional geopolitical and cultural contexts • Utilize intelligence platforms such as LifeRaft Navigator, Recorded Future, and other OSINT and threat intelligence tools to support investigations, monitoring, and analysis • Support time-sensitive intelligence requirements during fast-moving geopolitical events or emerging situations • Collaborate closely with other analysts to advance investigations, validate findings, and integrate insights across intelligence efforts • Participate in analytic reviews and lessons-learned sessions to continuously refine sourcing strategies, methodologies, and tradecraft
Senior Security Analyst
Kentro.usKentro, formerly IT Concepts, Inc., is a mission-driven digital modernization and transformation firm founded in the early 2000s and headquartered in McLean, Vi
Role Description As part of the Enterprise Printing Initiative, we are seeking an experienced Senior Security Analyst to support the development, implementation, and sustainment of enterprise printer security standards across a large federal environment. This role will work closely with program leadership, engineering teams, infrastructure stakeholders, and compliance personnel to help ensure enterprise printing services remain aligned with agency security policies, regulatory requirements, and federal cybersecurity standards. The ideal candidate will bring strong knowledge of security principles, compliance frameworks, risk management practices, and operational security governance within complex enterprise environments. This individual will support the establishment and maintenance of printer security baselines, contribute to governance and ATO activities, and help identify and mitigate risks associated with enterprise print infrastructure and related technologies. Responsibilities - Support the development, implementation, and maintenance of enterprise printer security baselines aligned with agency policies, NIST standards, and DISA STIG requirements. - Coordinate with cross-functional engineering, networking, infrastructure, and cybersecurity teams to validate ports, protocols, services, and secure deployment configurations. - Collaborate with compliance, governance, and audit teams to support adherence to regulatory and security requirements. - Assist with governance, risk, and compliance documentation supporting Authorization to Operate (ATO) and related security initiatives. - Identify security risks, vulnerabilities, and operational gaps within enterprise printing and endpoint-related environments and coordinate remediation efforts with technical teams. - Support security reviews, vulnerability assessments, system hardening activities, and compliance validation efforts. - Analyze technical and operational information to develop clear, concise narrative summaries, reports, risk documentation, and graphical presentations for leadership and stakeholders. - Participate in security working sessions, operational meetings, implementation planning activities, and enterprise modernization initiatives. - Assist with the development and maintenance of security policies, procedures, standards, and operational documentation related to enterprise print services. - Provide guidance and support to junior security personnel and implementation teams as needed. Supervisory Responsibilities - May provide technical guidance, oversight, and coordination support to project resources supporting enterprise security and compliance activities. Qualifications - Masters’s degree in Cybersecurity, Information Technology, Information Systems, Computer Science, or a related technical discipline. An additional 10 years of relevant experience may be substituted for the degree requirement. - Minimum of five (5) years of relevant experience supporting enterprise cybersecurity, security compliance, risk management, or security operations activities. - Strong understanding of security principles, concepts, policies, standards, and regulatory frameworks. - Experience supporting compliance initiatives aligned with NIST, DISA STIGs, federal security standards, and governance requirements. - Experience identifying security risks and coordinating remediation activities with technical and operational teams. - Familiarity with security hardening, vulnerability management, system auditing, and compliance validation processes. - Ability to develop clear, concise reports, security documentation, risk assessments, and executive-level summaries. - Strong communication, organizational, and cross-functional collaboration skills. - Experience supporting enterprise environments with complex operational and security requirements. Preferred Qualifications - Experience supporting enterprise print infrastructure, endpoint security, or device management initiatives. - Familiarity with Zero Trust concepts, PKI integration, secure print architectures, and identity-integrated technologies. - Experience supporting Authorization to Operate (ATO) documentation and governance processes. - Knowledge of enterprise networking concepts, secure deployment standards, and infrastructure security principles. - Experience working within federal government or highly regulated enterprise environments. Clearance Requirement - US Citizen or Green card holder - Willing and able to obtain and maintain Public Trust Clearance - Must meet updated ID requirements: ID requirements - If you do not currently meet the ID requirements outlined, you must be willing and able to update your current forms of ID in a timely manner to complete the suitability process successfully. Benefits - Competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more. - Education reimbursement for certifications, degrees, or professional development. - Flexibility for professional growth and networking opportunities. - Commitment to incorporating fun into every day with activities such as happy hours, holiday events, fitness & wellness events, and annual celebrations. - Support for community engagement through charity galas/events.



