Information Security Analyst
South Jordan, UT, United States
Cricut
What is Cricut? Cricut makes smart cutting machines that work with an easy-to-use app to help you design and personalize almost anything - custom cards, unique apparel, and so much more.Company Description
Cricut® makes smart cutting machines that work with an easy-to-use app, an ever-growing collection of materials, and crafting essentials to help you design and personalize almost anything — custom cards, unique apparel, everyday items, and so much more.
Let’s make.
Overview
We believe everyone is born creative. We’re a diverse tapestry of thinkers, dreamers, givers, DIYers, handi-workers, artisans, and forever and always architects of things.
At Cricut, we place the power of handmade into the hands of all. We give you beautiful, easy-to-master tools so you can make something unique, remarkable, perfect. We surround you with ideas, community, inspiration, and encouragement to take your creativity further than you ever imagined. And as a community, we celebrate the exhilarating act of making every single day.
So, make that handcrafted card that feels like a hug. Design a shirt for fun, for family, or for a full-blown business. Craft with a passion or for a purpose. Make something big and bold, itsy-bitsy, amazingly ambitious, or just plain silly. Whatever you make, just make your heart out. Because here’s the remarkable truth: When we all make together, we make all things possible.
Let’s make.
Job Description
We are seeking an experienced Information Security Analyst to join our dynamic team. The successful candidate will be responsible for protecting our organization's information assets by identifying, assessing, and mitigating security risks. The ideal candidate will have a minimum of six years of experience in information security, with a strong background in security operations, incident response, and risk management.
Key Responsibilities:
- Conduct ongoing security assessments and audits to identify vulnerabilities, weaknesses, and threats to our information systems and assets.
- Monitor security alerts and incidents, investigate security breaches or incidents, and develop response strategies to mitigate risks and minimize impact.
- Implement and manage security controls, tools, and technologies to safeguard our networks, systems, and data against unauthorized access, misuse, or destruction.
- Collaborate with cross-functional teams to develop, implement, and enforce security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
- Perform risk assessments and security reviews of third-party vendors, partners, and service providers to evaluate their security posture and ensure the protection of our shared resources.
- Provide security awareness training and guidance to employees on security best practices, policies, and procedures to enhance their understanding and adherence to security requirements.
- Stay informed about emerging threats, vulnerabilities, and security trends, and recommend proactive measures and controls to address potential risks and protect against future attacks.
- Participate in security incident response exercises, tabletop simulations, and post-incident reviews to continuously improve our incident response capabilities and resilience.
- Maintain documentation of security incidents, investigations, and remediation activities, and prepare reports and presentations for management and stakeholders as needed.
- Collaborate with external auditors, regulators, and compliance officers to support audits, assessments, and certifications related to information security and privacy.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or related field.
- Minimum of six years of experience in information security, with a focus on security operations, incident response, and risk management.
- Professional certifications such as Certified Ethical Hacker certification is highly desirable.
- In-depth knowledge of security principles, practices, technologies, and standards, including but not limited to network security, endpoint protection, cryptography, and access control.
- Hands-on experience with security tools and technologies, such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), firewalls, and vulnerability scanners.
- Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical audiences.
- Proven ability to work independently, prioritize tasks, and manage multiple projects simultaneously in a fast-paced environment.
Additional Information
What to Do Next:
Please attach your resume including links to your portfolio where applicable. If you want to show your super powers in other ways – include that information too. You can be sure that Cricut® is an employer who values individuality, equality and diversity, so tell us what you’re all about. If you are a Maker or a DIY enthusiast, whether you think you are a good one or not, we would love to hear about it when you send us your information!
At Cricut®, we celebrate inclusion and diversity. Cricut is an equal opportunity employer and makes employment decisions based on merit. Cricut prohibits discrimination based on race, color, religion, sex, sexual identity, gender identity, marital status, veteran status, nationality, citizenship, age, disability, medical condition, pregnancy, or any other unlawful consideration. All your information will be kept confidential according to EEO guidelines. Cricut participates in E-Verify.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Compliance Computer Science Cryptography Firewalls IDS Incident response Intrusion detection IPS Network security Privacy Risk assessment Risk management Security assessment SIEM Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Security Researcher jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs