Information Security Analyst
Golden, Colorado, United States
Tomorrow.ioPredict, automate, and solve your biggest weather challenges with Tomorrow.io.
Tomorrow.io is the world’s weather and climate security platform, empowering humanity to thrive in an era of climate crisis by equipping countries, businesses, and individuals with the weather intelligence needed to manage their climate security challenges. Customers including Uber, Delta, National Grid, and more use Tomorrow.io to significantly improve operational efficiency, automate risk management and customize predictive action plans to meet sustainability and ESG goals.
We are seeking a skilled and motivated Cyber Security Analyst to join our dynamic team. The Cyber Security Analyst will play a crucial role in safeguarding Tomorrow.io's digital assets, systems, and data across our diverse divisions. This role will involve working closely with various teams in the company, and it may require adherence to various regulatory compliance standards.
As a CyberSecurity Analyst at Tomorrow.io, you will:
- Help ensure Tomorrow.io’s continued cybersecurity compliance, including helping with maintenance, implementation, or compliance with all relevant frameworks/regulations (such as SOC2, ITAR, NIST 800-171, NIST 800-53, NIST/CMMC, etc.)
- Assist with the development, review, and maintenance of Information Systems Security Plans (SSPs), Assessments, and Authorizations in accordance with Department of Defense (DoD) and other Federal mandated policies.
- Work with the team to develop, implement and monitor a strategic information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled, or processed by the organization
- Develop, maintain, and publish up-to-date information security policies, standards and guidelines
- Oversee the approval, training, and dissemination of security policies and practices
- Help to maintain periodic security audits
- Work with the team to map security/breach gaps in the systems/ network/ logging
- Develop, implement, and manage effective Data Loss Prevention (DLP) strategies and tools to safeguard sensitive data across the organization.
- Harden Systems For Cyber Resilience
- Provide first-line support for all security and IT issues, supporting remote sites and managing escalations as needed
What you bring:
- Bachelor’s Degree in Information Systems and/or 3-5 years of work experience in IT support and cybersecurity
- Experience with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry
- Certifications such as CISSP, CISA, or CompTIA Security+ are a plus
- Production experience supporting applications and collaborating with other groups
- Familiarity with cloud computing platforms such as AWS and GCP
- Working knowledge of computer networks, firewalls, IDS/IPS, netflow, and system logging
- The ability to evaluate and solve complex security problems and design efficient solutions using knowledge of security threats, attack vectors, vulnerabilities, and exploits
- Demonstrated ability to learn new skills quickly and share learnings with the rest of the team
- Up-to-date knowledge of current attack techniques, vulnerability disclosures, and data breach incidents
- Experience supporting various computer hardware platforms and multiple operating systems, both stand-alone and network configurations.
- Strong knowledge of cybersecurity principles, best practices, and industry standards.
So if you are experienced and excited about working with a small IT group to help run an innovative, groundbreaking business and you are highly organized, have great follow-up, and strong interpersonal skills - this is the place for you!
If you have reached this point and you are super excited but not sure you check all the boxes - we still want to speak with you! Your passion is priceless. Other things can be learned.
Anticipated salary range is $120K-$160K, subject to local market and a candidate’s skills and experience. Health, leave and other benefits included. Relocation assistance may be offered / available.
Tomorrow.io is helping Countries, Businesses and Individuals better manage their Climate Security Challenges. Fully customizable to any industry impacted by the weather, customers around the world including Uber, Delta, Ford, National Grid and more use Tomorrow.io to dramatically improve operational efficiency. Tomorrow.io was built from the ground up to help teams predict the business impact of weather, streamline team communication and action plans, improve productivity, and optimize profit margins.
Space: In case you have not heard, we are also going to space with our Operation Tomorrow Space initiative. We are building the first-of-its-kind proprietary satellites equipped with radar, and launching them into space to improve weather forecasting technology for everyone on Earth.
How we roll: We work in an “one office” environment. We believe that magic happens when people work together. Together also includes Zoom meetings, flexible hours and unlimited vacation days. Your success is achieved by your impact and deliveries and not by the hours you put in. We believe in transparency and directness, putting work before ego and empathy. We grow fast and move faster but we always see people first. Each person has their own career growth path for we believe that the only way for the company to grow is if you grow.
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs