Information Security Analyst

The Information Security Analyst is responsible for protecting the organization’s information systems, networks, and data from security threats. This role focuses on monitoring, detecting, analyzing, and responding to security incidents while helping maintain compliance with security policies, standards, and regulations.

Key Responsibilities

• Monitor security systems and logs to identify potential threats and vulnerabilities
• Investigate, respond to, and document security incidents and breaches
• Conduct vulnerability assessments and support penetration testing efforts
• Implement and maintain security controls, tools, and technologies
• Assist in developing, updating, and enforcing information security policies and procedures
• Support compliance initiatives (ISO 27001, SOC 2, PCI-DSS, GDPR, etc.)
• Perform risk assessments and recommend mitigation strategies
• Collaborate with IT, engineering, and business teams to improve security posture
• Stay current with emerging threats, vulnerabilities, and security best practices
• Support security awareness and training programs for employees

Required Qualifications

• Bachelor’s degree in Information Security, Computer Science, IT, or a related field
• 1–3 years of experience in information security, cybersecurity, or IT operations
• Understanding of security principles, frameworks, and controls
• Experience with security monitoring tools (SIEM, IDS/IPS, EDR, firewalls)
• Knowledge of network protocols, operating systems, and cloud environments
• Strong analytical and problem-solving skills
• Ability to document findings clearly and communicate risks effectively

Preferred Qualifications

• Professional certifications (Security+, CEH, CISSP, CISM, GIAC)
• Experience with cloud security (AWS, Azure, Google Cloud Platform)
• Familiarity with scripting or automation (Python, PowerShell, Bash)
• Experience with vulnerability management tools (Nessus, Qualys, Rapid7)
• Knowledge of DevSecOps practices