Information Security Analyst

$82,800 - $124,200/Yr

Strayer Education - Remote, OR

posted 3 months ago

Full-time - Entry Level
Remote, OR
Educational Services

About the position

The Information Security Analyst will play a critical role in ensuring the security of our AWS and GCP platforms. This position involves managing IT risks, ensuring compliance with SOX and SOC 2 standards, and leading efforts in incident response, vulnerability management, business continuity, and disaster recovery. The analyst will be responsible for designing, implementing, and managing security measures for AWS and GCP environments, monitoring and responding to security events and incidents, and conducting regular security assessments and audits to identify vulnerabilities and recommend improvements. Additionally, the role requires integrating security into CI/CD pipelines, ensuring that security controls are automated and continuously monitored, and developing and maintaining scripts and automation tools to improve security processes and reduce manual intervention. In terms of IT risk management, the analyst will identify, assess, and prioritize IT risks across the organization, developing and implementing risk mitigation strategies and controls while monitoring and reporting on the effectiveness of these efforts. Compliance with industry standards and regulations, including SOX and SOC 2, is essential, and the analyst will coordinate regular compliance audits and assessments while maintaining and updating IT compliance documentation and policies. The role also involves leading the incident response team in the identification, containment, eradication, and recovery from security incidents, developing and maintaining incident response plans and playbooks, and conducting post-incident analysis to report findings to senior management. Regular vulnerability scans and assessments will be conducted, with the analyst prioritizing and tracking the remediation of identified vulnerabilities and collaborating with IT teams to implement security patches and updates. Furthermore, the analyst will develop, implement, and maintain business continuity and disaster recovery plans, coordinating and conducting regular tests of these plans to ensure critical systems and data are backed up and can be restored in case of an incident. Collaboration with IT, legal, and compliance teams is crucial to ensure alignment of security efforts, and the analyst will provide security awareness training to employees while staying current with emerging security threats and technologies.

Responsibilities

  • Design, implement, and manage security measures for AWS and GCP environments.
  • Monitor and respond to security events and incidents within cloud platforms.
  • Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.
  • Integrate security into CI/CD pipelines, ensuring that security controls are automated and continuously monitored.
  • Develop and maintain scripts and automation tools to improve security processes and reduce manual intervention.
  • Identify, assess, and prioritize IT risks across the organization.
  • Develop and implement risk mitigation strategies and controls.
  • Monitor and report on the effectiveness of risk management efforts.
  • Ensure compliance with industry standards and regulations, including SOX and SOC 2.
  • Coordinate regular compliance audits and assessments.
  • Maintain and update IT compliance documentation and policies.
  • Lead the incident response team in the identification, containment, eradication, and recovery from security incidents.
  • Develop and maintain incident response plans and playbooks.
  • Conduct post-incident analysis and report findings to senior management.
  • Conduct regular vulnerability scans and assessments.
  • Prioritize and track the remediation of identified vulnerabilities.
  • Collaborate with IT teams to implement security patches and updates.
  • Develop, implement, and maintain business continuity and disaster recovery plans.
  • Coordinate and conduct regular tests of business continuity and disaster recovery plans.
  • Ensure critical systems and data are backed up and can be restored in case of an incident.
  • Collaborate with IT, legal, and compliance teams to ensure alignment of security efforts.
  • Provide security awareness training to employees.
  • Stay current with emerging security threats and technologies.

Requirements

  • 1 to 3 years of experience in a similar role.
  • Experience in IT compliance, with a strong emphasis on SOC 2, SOX compliance, IT General Controls, and audit activities.
  • Hands-on experience with AWS and GCP security.
  • Experience with IT risk management and policy management.
  • Proven track record in incident response and vulnerability management.
  • Experience in developing and implementing business continuity and disaster recovery plans.
  • Strong understanding of security principles and best practices.
  • Proficiency with security tools and technologies (e.g., SIEM, IDS/IPS, vulnerability scanners).
  • Excellent problem-solving and analytical skills.
  • Strong communication and collaboration skills.
  • Ability to work independently and as part of a team.

Nice-to-haves

  • Relevant certifications (e.g., CISSP, CISM, CISA, AWS Certified Security Specialty, GCP Professional Cloud Security Engineer) are highly desirable.

Benefits

  • Competitive salary and benefits package.
  • Reasonable accommodations regarding travel limitations can be provided.
  • Access to work in a setting that enables meeting all requirements of the role (including privacy, reliable internet access, phone, ability to video conference, etc.) at a remote location.
  • Opportunities for professional development and career growth.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service