Information Security Analyst

• Take direction from and provide feedback to the Security Review Committee.
• Effectively communicate cybersecurity plans and policies to team members and stakeholders.
• Maintain a working understanding of modern industry security best practices and stay updated on emerging threats and trends.
• Review new infrastructure/architecture proposals to ensure they meet the company's security policies and industry best practices.
• Implement, and continuously improve security policies and procedures company-wide, based on current industry standards and best practices.
• Collaborate with third-party companies to achieve and maintain industry compliance certifications and ensure adherence to relevant regulations.
• Provide remediation recommendations and support in the event of security incidents, and work with stakeholders to address vulnerabilities and improve overall security posture.

Requirements

• 3-5 years of experience in information security.
• Strong knowledge of industry security best practices, frameworks, and regulations ( NIST, ISO 27001, SOC2, GDPR, HIPAA, etc.).
• Experience working with various security technologies, such as firewalls, intrusion detection/prevention systems, encryption, and endpoint protection (Wazuh, Netbox).
• Experience working with a variety of cloud infrastructure (AWS, GCP, Azure).
• Strong analytical and problem-solving skills, with the ability to identify and resolve complex security issues.
• Excellent communication and interpersonal skills, with a proven ability to effectively convey security concepts to both technical and non-technical audiences.
• Willingness to work fully remotely except for occasional business trips (approximately 2-3 per year)

• Relevant security certifications, such as CISSP, CISM, or CompTIA Security+, are preferred but not required.
• 3-5 experience in a SaaS and/or software company is desired.