Information Security Analyst
Lakeland, Florida, United States
Qgiv
Raise more money and reach new supporters with the help of a fundraising platform built for fundraisers.Who are we?
Qgiv exists to help people fulfill their passion to make a difference. Founded in 2007, Qgiv now provides thoughtfully-designed, user-friendly fundraising software to more than 6,000 nonprofits in the US and Canada. Nonprofits such as Habitat for Humanity, Big Brothers Big Sisters, Junior Achievement, Humane Societies, and more use Qgiv’s online fundraising tools to delight donors and raise funds for their missions.
We’re guided by our core values: empathy, introspection, honesty + integrity, persistence, openness, respect, and passion. We work hard to meet deadlines and goals, but we also take time to celebrate and have fun! In the office, we enjoy game nights, potlucks, costumes, office decorating competitions, a monthly birthday cake, and more free snacks and beverages than should be allowed. For those remote, we stay connected through video and Slack, weekly coffee talks, and virtual Town Hall meetings.
We strive to create a workplace culture in which individuals can be their authentic selves while working towards our company mission. We don’t search for perfect candidates; we look for candidates that are invested in helping us improve while also improving themselves.
About the Opportunity
As a member of the DevOps and Infrastructure team, you will help support the company by maintaining a highly available web platform used by thousands of non-profit organizations that are making the world a better place! Your technical expertise and knowledge will help protect the security and reliability of the Qgiv systems through security tools, analysis, and reporting. You will use your experience in Information Security principles to maintain Qgiv’s policy and compliance requirements including Payment Card Industry Level 1 compliance and conducting Security Awareness training.
What does success look like?
- Monitor and analyze systems and security reports.
- Responds to security alerts as they arise and escalate incidents according to severity.
- Ensure Company Security and PCI Compliance requirements are being met continuously as well as assisting during routine Compliance Assessments.
- Use security tools including SIEM, IDS/IPS, WAF, vulnerability scanners, log analysis, and network inspection when conducting investigations.
- Assist with remediations for vulnerabilities or gaps in security coverage.
- Provide recommendations for improvements to security systems to increase effectiveness and follow best practices.
- Monitor alerts and implement appropriate security analysis and remediations.
- Tracking published application and system vulnerabilities and assigning patches where appropriate.
What challenges can you expect?
- There is a lot to learn; there are many environments that the various Qgiv teams use which rely on the DevOps and Infrastructure team’s support.
- Documentation can be limited and will require active pursuit of system knowledge.
- Occasional after-hours or weekend hours are occasionally required to support some of Qgiv’s organization’s large events.
- Upcoming requirements for PCI DSS 4.0 will require more formalization of policies and procedures
Requirements
What do you need to qualify for this role?
To succeed in this role, you’ll need:
- Comprehensive Information Security principles and applicable strategies
- Education and experience with security technologies tools such as Centralized Logging, Vulnerability Scanners, SIEM, etc.
- Thorough, detail-oriented approach to documentation
- Linux administration experience utilizing command-line interface
- Containerization principles
- Networking basics
- Strong understanding of Web application flow
- Scripting and Programming language experience – (e.g. Bash and Python)
- Experience with Cloud technologies including Identity and Access Management
- Clear and effective communication skills
- Ability to maintain deadlines, while juggling support requests
Things that will help you stand out:
- Compliance experience especially PCI Data Security Standard
- Experience in hardening and monitoring Amazon Web Service deployments
- Experience with Continuous Integration/Continuous Deployment pipelines
- Active Directory management experience
- Database Management experience
- Using Infrastructure-As-Code tools such as Terraform or AWS CDK
- Web Development experience, especially in PHP, JavaScript, and React
Benefits
What’s in it for you?
- Join an ambitious tech company building products that help nonprofits fundraise more effectively so they can change the world
- This is a full-time position working in the Lakeland, FL office with a hybrid schedule.
- Competitive pay
- Health, vision, dental insurance, fitness plan reimbursement, life, and disability insurance, and a retirement savings plan
- A flexible paid time off policy and paid holidays
- Paid volunteer time off so you can make good things happen in your community
- 3 weeks paid parental leave (after 12 months of employment)
- Time off to vote
- The hardware you need to get the job done!
- Lots of Qgiv gear to add to your wardrobe (we have some of the softest shirts around)!
Florida Salary Statement: Any offered salary is determined based on internal equity, internal salary ranges, market data/ranges, applicant’s skills and prior relevant experience, certain degrees, and certifications.
Qgiv is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
All your information will be kept confidential according to EEO guidelines.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory AWS Bash Cloud Compliance DevOps IAM IDS IPS JavaScript Linux Log analysis Monitoring PCI DSS PHP Python Scripting Security analysis SIEM Terraform Vulnerabilities
Perks/benefits: Competitive pay Equity Fitness / gym Flex hours Flex vacation Health care Insurance Parental leave Snacks / Drinks Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs