
Senior IT Security Analyst
Posted Jul 2

Posted Jul 2
This is a fully remote position, open to applicants in United States.
• Acts as the primary point of escalation for security alerts and provides guidance to IT Security Analysts.
• Executes critical tasks with minimal oversight across one or more areas of the IT Security Program, including vulnerability management, security awareness, and threat intelligence.
• Monitors data activities and investigates alerts related to data exfiltration, unauthorized access, and policy breaches.
• Examines security incidents involving sensitive information, such as unauthorized access and data leaks.
• Collaborates with the Incident Response team to contain, resolve, and document incidents related to data.
• Creates and maintains runbooks for handling data protection incidents and escalation processes.
• Works in close partnership with IT Security Engineers to draft runbooks, refine alerts, collaborate on escalations, and generate innovative alerting ideas.
• Serves as the lead for minor projects assigned by the IT Security Manager and/or Director as necessary.
• Conducts network monitoring and intrusion detection analysis utilizing various network defense tools, including intrusion detection/prevention systems, firewalls, and host-based security systems.
• Performs log-based and endpoint-based threat detection to identify and safeguard against threats from diverse sources.
• Implements cloud-centric detection methods to identify threats associated with cloud environments and services utilized by the organization.
• Analyzes activity across assets (endpoints, networks, applications) and environments (on-premises, cloud) to spot patterns of unusual behavior.
• Reviews alerts and data from sensors and prepares formal technical incident reports.
• Collaborates with threat intelligence and/or threat-hunting teams.
• Provides incident response support to network subscribers, including implementing mitigation actions and facilitating forensic analysis when needed.
• Utilizes security information and event management (SIEM) tools to manage and tune the system, create and manage detection content, and actively monitor for alerts.
• Correlates network, cloud, and endpoint activity across environments to detect attacks and unauthorized usage.
• Investigates emerging threats and vulnerabilities to assist in incident identification.
• Supports network vulnerability scans, security audits, and risk assessments, offering feedback to ensure compliance with corporate security policies and adherence to industry best practices.
• Provides users with incident response assistance, including actions to contain activities and facilitating forensic analysis as necessary.
• Conducts security standards testing on computers prior to implementation to confirm security measures are in place.
• A combination of education and experience may be considered in lieu of a Bachelor's degree.
• At least four years of experience in IT Audit and/or Enterprise Risk Management, or as a Penetration Tester, Red Team/Incident Responder, Junior Security Operations Analyst, Security Coordinator, or a related role is required.
• Relevant certifications are highly preferred, such as Security+, SSCP, CISSP, or other IT security certifications.
• Familiarity with risk assessment and risk management concepts or processes is essential.
• Working knowledge of various regulatory security requirements, particularly Sarbanes-Oxley (SOX), GLBA, and CCPA.
• Strong decision-making skills, with a demonstrated ability to evaluate the relative costs and benefits of potential actions and select the most suitable option.
• Ability to effectively influence others to change their opinions, plans, or behaviors.
• Good understanding of the organization’s mission, values, and goals, with consistent application of this knowledge.
• Strong problem-solving and troubleshooting capabilities.
• Ability to collaborate and maintain relationships with stakeholders at all levels within the company.
• Excellent verbal and written communication skills are required.
• Highly organized and detail-oriented, with the ability to thrive in a fast-paced, metrics-driven environment.
• Proficiency in Microsoft Office Suite, including Word, Excel, Wiki, collaborative cloud-based programs, and third-party software applications is required.
• Medical
• Dental
• Vision
• Life insurance
• AD&D
• LTD
• 401(k) with employer match
CrowdStrike
Davis Wright Tremaine LLP
American Residential Services
Get handpicked remote jobs straight to your inbox weekly.