IT Security Analyst
Novato, California, United States
Zenni Optical
As an Information Security Analyst, you will design, analyze and implement IT security systems to protect the organization's computer networks from cyber attacks. You will also help develop organization-wide best practices for IT security. You will monitor computer networks for security issues, install security software and document all security issues or breaches you find.
An ideal candidate will be proficient with multiple operating systems, with experience in penetration testing and techniques, installing security software and documenting security issues. Experience in a fast-paced, start-up environment in the technology sector is helpful.
Reporting to the Director Infrastructure and CyberSecurity, this role will monitor and review cyber security telemetry in a variety of dashboards and tooling, identifying potential malicious activity and responding accordingly in cooperation with the rest of the IT Operations team.
- Identify activity that is malicious, suspicious, or out of policy and respond accordingly based on Standard Operating Procedures
- Review logging and alerting from our tooling, including: EDR/UEM | SIEM | DLP
- Help develop Standard Operating Procedures to meet emerging threats.
- Review Threat Intelligence feeds, determine Zenni’s exposure to those threats and develop hunting methodologies to identify any imminent attacks
- Review vulnerability reports from scanning tools, analyze for trends, and prioritize remediation activities, working with business units.
- Keep current on information security risks and the Tactics, Techniques and Procedures (TTPs) of attackers.
- Participate in Incident Response activities
- Participate in IT operations daily activities
- Help deploy SAST/DAST solutions for vulnerability management and assist in analyzing and monitoring Google Cloud Platform resources
- Experience with security logging and logging platforms
- 3 years of experience in a Cyber Threat Intelligence (CTI) role in a customer-facing environment.
- Experience with EDR/Antivirus and log management solutions similar to offerings from CrowdStrike, including SIEM integration with Linux and firewalls
- Understanding of AWS and GCP and the security tools and facilities available.
- Experience in stakeholder management (i.e., presenting, reporting to internal audiences including executives)
- Experience with Vulnerability Scanners at host and application level.
- Experience with Google Workspace and the security facilities, dashboards and configurations therein.
- Experience with Managed detection and response protocols.
- Familiarity with foundational security technologies enough to select the right toolsets and technical controls.
- Information security certification such as CISSP, GIAC or OSCP
- Experience collaborating with IT operations and product teams
- Coding experience, Python preferred
- Experience with managing Linux systems and services in the Cloud environment
- Log and threat management utilizing SOAR and SIEM
- Disaster recovery, cloud backup and system support experience
- Strong working knowledge of information and physical security in an e-commerce startup environment
- Significant understanding of security and processes
- Excellent interpersonal skills
- Risk assessment and mitigation: Identify potential data security risks and vulnerabilities, conduct risk assessments, and develop plans to mitigate and manage these risks effectively.
- Data classification and access control: Execute data classification framework and access control mechanisms to ensure appropriate levels of data protection based on sensitivity and user roles.
- Incident response and management: Develop and maintain an incident response plan to promptly respond to and manage data security incidents, including data breaches, unauthorized access, or data loss.
- Security awareness and training: Promote data security awareness across the organization through training programs, communication campaigns, and regular education sessions to foster a culture of security-conscious employees.
- Works with the IT Security and Compliance team to coordinate communications with all departments and levels of management to minimize enterprise risk.
- Assists with Cybersecurity and IT Operations projects.
- Assists IT Management with project planning and goal alignment.
- Strong collaborator and business partner to other departments with demonstrated excellent communication
- Assists with audit processes as needed. Prior exposure to SOC2, ISO 27001 or NIST preferred.
- Data security, information security, or related roles
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Privacy Professional (CIPP)
- Data security principles, best practices, and industry standards
- Data protection laws and regulations, such as GDPR, CCPA, or HIPAA
- Network and system security technologies, including firewalls, intrusion detection systems, encryption, and authentication protocols
- Security assessment tools and methodologies
- Experience evaluating host and network forensic reports of electronic media, packet capture, log data analysis, malware triage, and network devices in support of intrusion analysis or enterprise level information security operations.
- Experience in the consumption, processing, and analysis of tactical Cyber Threat Intelligence (CTI) within an operational environment, supporting monitoring, detection, and response capabilities.
- Experience deploying and analyzing data from technical security controls to include web proxy, firewalls, IPS, IDS, mail content scanning appliances, enterprise antivirus solutions, network analyzers, and other host-based protection solutions.
- Exposure to SDN, Firewalls, Google Cloud and AWS, WAF and CDN experience
- Scripting and alert automation and management
- Good documentation and presentation skills
- Excellent health benefits that the company pays for and a 401k with company match.
- Can work 100% remotely or from our Bay Area office, your choice!
- Annual Zenni Gift Card
- Interesting projects with opportunities for growth and professional development in a financially stable, successful, growing Company
As of 01/01/2023, the expected salary range for this position is $125,000 to $145,000. Actual pay within this range will be based upon several factors, including without limitation education, work experience, certifications, geographic pay differentials, market conditions, and other business and organizational needs. The Company anticipates that the reasonably expected salary for this position could change in the future and, therefore, the Company retains the right to change, modify, or revisit the salary range for the position for various reasons, including the Company’s business needs.
Tags: Automation AWS CCPA CDN CIPP CISM CISSP Cloud Compliance CrowdStrike DAST E-commerce EDR Encryption Firewalls GCP GDPR GIAC HIPAA IDS Incident response Intrusion detection IPS ISO 27001 Linux Malware Monitoring NIST OSCP Pentesting Privacy Python Risk assessment SAST Scripting Security assessment SIEM SOAR SOC 2 Threat intelligence Vulnerabilities Vulnerability management