Security Analyst

We are seeking a vigilant and analytical Security Analyst to help protect our organization’s digital assets, infrastructure, and data. The ideal candidate will be responsible for monitoring, detecting, analyzing, and responding to security incidents, as well as proactively identifying vulnerabilities and enhancing our security posture.

• Monitor security tools and systems (SIEM, IDS/IPS, firewalls, EDR) to detect and respond to cybersecurity threats and incidents.
• Investigate security alerts and conduct root cause analysis on potential incidents or breaches.
• Collaborate with IT and engineering teams to remediate vulnerabilities and implement security controls.
• Perform regular vulnerability assessments, penetration testing support, and security risk analyses.
• Assist in the development and maintenance of security policies, procedures, and playbooks.
• Respond to and manage security incidents, including containment, mitigation, and recovery.
• Stay up-to-date with current threats, attack vectors, and emerging technologies in the cybersecurity landscape.
• Support regulatory and compliance efforts (e.g., HIPAA, PCI DSS, ISO 27001, SOC
  2) by gathering evidence and ensuring alignment with security requirements.
• Generate reports and dashboards on security metrics, trends, and incident response activities.
• Provide security awareness training and guidance to employees as needed.

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent work experience).
• 2–5 years of experience in information security, cybersecurity, or related IT roles.
• Hands‑on experience with security monitoring and analysis tools (e.g., Splunk, Crowd Strike, Palo Alto, Rapid7).
• Solid understanding of networking, operating systems (Windows/Linux), and cloud platforms (AWS, Azure, or GCP).
• Familiarity with frameworks and standards such as NIST, CIS Controls, MITRE ATT&CK, or OWASP.
• Relevant certifications (e.g., Security+, CEH, GSEC, SSCP, or Splunk Certified Analyst) are a plus.
• Strong analytical, problem‑solving, and communication skills.

• Experience with threat hunting, digital forensics, or malware analysis.
• Knowledge of scripting or automation (Python, Power Shell, Bash).
• Exposure to incident response lifecycle and ticketing systems (e.g., JIRA, Service Now).
• Understanding of Dev Sec Ops  or cloud‑native security practices.