Information Security Analyst

Lakeland, Florida, United States

Applications have closed

Qgiv

Raise more money and reach new supporters with the help of a fundraising platform built for fundraisers.

View company page

Who are we?

Qgiv exists to help people fulfill their passion to make a difference. Founded in 2007, Qgiv now provides thoughtfully-designed, user-friendly fundraising software to more than 6,000 nonprofits in the US and Canada. Nonprofits such as Habitat for Humanity, Big Brothers Big Sisters, Junior Achievement, Humane Societies, and more use Qgiv’s online fundraising tools to delight donors and raise funds for their missions.

We’re guided by our core values: empathy, introspection, honesty + integrity, persistence, openness, respect, and passion. We work hard to meet deadlines and goals, but we also take time to celebrate and have fun! In the office, we enjoy game nights, potlucks, costumes, office decorating competitions, a monthly birthday cake, and more free snacks and beverages than should be allowed. For those remote, we stay connected through video and Slack, weekly coffee talks, and virtual Town Hall meetings.

We strive to create a workplace culture in which individuals can be their authentic selves while working towards our company mission. We don’t search for perfect candidates; we look for candidates that are invested in helping us improve while also improving themselves.

About the Opportunity

As a member of the DevOps and Infrastructure team, you will help support the company by maintaining a highly available web platform used by thousands of non-profit organizations that are making the world a better place! Your technical expertise and knowledge will help protect the security and reliability of the Qgiv systems through security tools, analysis, and reporting. You will use your experience in Information Security principles to maintain Qgiv’s policy and compliance requirements including Payment Card Industry Level 1 compliance and conducting Security Awareness training.

What does success look like?

  • Monitor and analyze systems and security reports.
  • Responds to security alerts as they arise and escalate incidents according to severity.
  • Ensure Company Security and PCI Compliance requirements are being met continuously as well as assisting during routine Compliance Assessments.
  • Use security tools including SIEM, IDS/IPS, WAF, vulnerability scanners, log analysis, and network inspection when conducting investigations.
  • Assist with remediations for vulnerabilities or gaps in security coverage.
  • Provide recommendations for improvements to security systems to increase effectiveness and follow best practices.
  • Monitor alerts and implement appropriate security analysis and remediations.
  • Tracking published application and system vulnerabilities and assigning patches where appropriate.

What challenges can you expect?

  • There is a lot to learn; there are many environments that the various Qgiv teams use which rely on the DevOps and Infrastructure team’s support.
  • Documentation can be limited and will require active pursuit of system knowledge.
  • Occasional after-hours or weekend hours are occasionally required to support some of Qgiv’s organization’s large events.
  • Upcoming requirements for PCI DSS 4.0 will require more formalization of policies and procedures

Requirements

What do you need to qualify for this role?

To succeed in this role, you’ll need:

  • Comprehensive Information Security principles and applicable strategies
  • Education and experience with security technologies tools such as Centralized Logging, Vulnerability Scanners, SIEM, etc.
  • Thorough, detail-oriented approach to documentation
  • Linux administration experience utilizing command-line interface
  • Containerization principles
  • Networking basics
  • Strong understanding of Web application flow
  • Scripting and Programming language experience – (e.g. Bash and Python)
  • Experience with Cloud technologies including Identity and Access Management
  • Clear and effective communication skills
  • Ability to maintain deadlines, while juggling support requests

Things that will help you stand out:

  • Compliance experience especially PCI Data Security Standard
  • Experience in hardening and monitoring Amazon Web Service deployments
  • Experience with Continuous Integration/Continuous Deployment pipelines
  • Active Directory management experience
  • Database Management experience
  • Using Infrastructure-As-Code tools such as Terraform or AWS CDK
  • Web Development experience, especially in PHP, JavaScript, and React

Benefits

What’s in it for you?

  • Join an ambitious tech company building products that help nonprofits fundraise more effectively so they can change the world
  • This is a full-time position working in the Lakeland, FL office with a hybrid schedule.
  • Competitive pay
  • Health, vision, dental insurance, fitness plan reimbursement, life, and disability insurance, and a retirement savings plan
  • A flexible paid time off policy and paid holidays
  • Paid volunteer time off so you can make good things happen in your community
  • 3 weeks paid parental leave (after 12 months of employment)
  • Time off to vote
  • The hardware you need to get the job done!
  • Lots of Qgiv gear to add to your wardrobe (we have some of the softest shirts around)!

Florida Salary Statement: Any offered salary is determined based on internal equity, internal salary ranges, market data/ranges, applicant’s skills and prior relevant experience, certain degrees, and certifications.

Qgiv is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

All your information will be kept confidential according to EEO guidelines.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Active Directory AWS Bash Cloud Compliance DevOps IAM IDS IPS JavaScript Linux Log analysis Monitoring PCI DSS PHP Python Scripting Security analysis SIEM Terraform Vulnerabilities

Perks/benefits: Competitive pay Equity Fitness / gym Flex hours Flex vacation Health care Insurance Parental leave Snacks / Drinks Team events

Region: North America
Country: United States
Job stats:  15  6  0
Category: Analyst Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.