Cyber Security Analyst

Job Overview

The Cyber Security Analyst is responsible for contributing to, and strengthening, the Information Security function throughout the organization. The Analyst will update, document, and maintain security standards and policies for the organization. The Analyst will help in the identification, analysis, and reporting of cyber threats in addition to ensuring business operations are conducted in accordance with established guidelines and regulatory requirements.

• Monitor, triage, investigate, and resolve security alerts, support tickets, and incidents, including containment, root‑cause analysis, chain of custody, and preventive actions.
• Identify security risks, recommend remediation or mitigating controls, and support ongoing risk assessments and system testing.
• Apply and enforce information‑security policies, standards, and procedures, aligning with industry best practices and regulatory requirements (e.g., PCI, GLBA).
• Support integration of regulatory and audit requirements into the security roadmap and ensure the company's computer systems meet compliance obligations.
• Collaborate with IT Operations to ensure servers, network devices, and security controls meet established security standards and are operating as designed.
• Evaluate, implement, and perform compliance assessments on application, system, and security‑related changes and solutions, adhering to established change‑control processes.
• Perform periodic internal security audit functions on IT operational controls, including system access, DLP controls, firewall policies, etc.
• Stay current with evolving security technologies and maintain relevant certifications.
• Participate in on‑call rotation.
• Perform other related duties as assigned.

• Familiarity with various cyber threats and mitigating controls.
• Familiarity with endpoint security solutions, email security solutions, and security monitoring tools and appliances.
• Solid understanding of the OSI network model and network protocols such as TCP/IP, firewalls, proxies, IDPS concepts.
• Knowledge of security‑oriented regulatory requirements and compliance (a plus).
• Knowledge of the mortgage industry is helpful, but not required.
• Ability to work effectively independently and with others in a collaborative, deadline‑sensitive environment.
• Ability to communicate clearly, both verbally and in writing, to convey messages to technical and non‑technical users.
• Commitment and ability to cultivate a diverse and inclusive work environment.

• Bachelor's degree in computer science, engineering, or information systems security is preferred.
• Security training certifications strongly preferred (Security+, Azure Fundamentals, Network+).

• Previous experience as an IT security specialist (1–3 years).
• Experience working in IT (5+ years).
• Experience as a security specialist in a regulated IT environment including some combination of SOX, HIPAA, GLBA, PCI (1+ years).

• Coverage of medical, dental, vision, and 401(k).
• Compensation: $70,000 – $87,500 annualized with a 5% AIP opportunity.

This position follows a hybrid work model, combining remote work with in‑office presence. Employees are expected to maintain a professional home office environment and be available to work on‑site as scheduled or as business needs require. Work is performed both remotely and in a standard office setting. Flexible work hours may be available, with expectations to attend meetings and collaborate during core business hours.

Reliable internet access is required for remote work, along with the ability to be on camera to participate in virtual meetings and communications. During in‑office days, work is performed in a climate‑controlled office with standard lighting and noise levels. Employees must comply with company policies regarding data security, time tracking, and collaboration tools across both work environments.

The employee frequently communicates and must stand, walk, sit, and operate a computer using hands and fingers. Occasional lifting of objects up to 15 lbs. is required. Prolonged sitting or standing may be needed. Visual acuity for close vision and distance vision is required.

Covius is committed to equal opportunity in all employment practices to all qualified applicants and employees without regard to race, color, religion, gender, gender identity, age, national origin, pregnancy, disability, genetics, marital status, military or veteran status or any other protected category as established by local, state, and federal law. All employment decisions will be made without unlawful discrimination based on any prohibited basis.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.