Information Security Analyst

Tomorrow.io is the world’s weather and climate security platform, empowering humanity to thrive in an era of climate crisis by equipping countries, businesses, and individuals with the weather intelligence needed to manage their climate security challenges. Customers including Uber, Delta, National Grid, and more use Tomorrow.io to significantly improve operational efficiency, automate risk management and customize predictive action plans to meet sustainability and ESG goals.

We are seeking a skilled and motivated Cyber Security Analyst to join our dynamic team. The Cyber Security Analyst will play a crucial role in safeguarding Tomorrow.io's digital assets, systems, and data across our diverse divisions. This role will involve working closely with various teams in the company, and it may require adherence to various regulatory compliance standards.

As a CyberSecurity Analyst at Tomorrow.io, you will:

• Help ensure Tomorrow.io’s continued cybersecurity compliance, including helping with maintenance, implementation, or compliance with all relevant frameworks/regulations (such as SOC2, ITAR, NIST 800-171, NIST 800-53, NIST/CMMC, etc.) 
• Assist with the development, review, and maintenance of Information Systems Security Plans (SSPs), Assessments, and Authorizations in accordance with Department of Defense (DoD) and other Federal mandated policies.
• Work with the team to develop, implement and monitor a strategic information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled, or processed by the organization
• Develop, maintain, and publish up-to-date information security policies, standards and guidelines
• Oversee the approval, training, and dissemination of security policies and practices
• Help to maintain periodic security audits 
• Work with the team to map security/breach gaps in the systems/ network/ logging
• Develop, implement, and manage effective Data Loss Prevention (DLP) strategies and tools to safeguard sensitive data across the organization. 
• Harden Systems For Cyber Resilience
• Provide first-line support for all security and IT issues, supporting remote sites and managing escalations as needed

What you bring:

• Bachelor’s Degree in Information Systems and/or 3-5 years of work experience in IT support and cybersecurity
• Experience with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry
• Certifications such as CISSP, CISA, or CompTIA Security+ are a plus
• Production experience supporting applications and collaborating with other groups
• Familiarity with cloud computing platforms such as AWS and GCP
• Working knowledge of computer networks, firewalls, IDS/IPS, netflow, and system logging
• The ability to evaluate and solve complex security problems and design efficient solutions using knowledge of security threats, attack vectors, vulnerabilities, and exploits
• Demonstrated ability to learn new skills quickly and share learnings with the rest of the team
• Up-to-date knowledge of current attack techniques, vulnerability disclosures, and data breach incidents
• Experience supporting various computer hardware platforms and multiple operating systems, both stand-alone and network configurations.
• Strong knowledge of cybersecurity principles, best practices, and industry standards.

So if you are experienced and excited about working with a small IT group to help run an innovative, groundbreaking business and you are highly organized, have great follow-up, and strong interpersonal skills - this is the place for you!

If you have reached this point and you are super excited but not sure you check all the boxes - we still want to speak with you! Your passion is priceless. Other things can be learned.

Anticipated salary range is $120K-$160K, subject to local market and a candidate’s skills and experience. Health, leave and other benefits included. Relocation assistance may be offered / available. 

________________________________________________________

About Tomorrow.io:

Tomorrow.io is helping Countries, Businesses and Individuals better manage their Climate Security Challenges. Fully customizable to any industry impacted by the weather, customers around the world including Uber, Delta, Ford, National Grid and more use Tomorrow.io to dramatically improve operational efficiency. Tomorrow.io was built from the ground up to help teams predict the business impact of weather, streamline team communication and action plans, improve productivity, and optimize profit margins.

Space: In case you have not heard, we are also going to space with our Operation Tomorrow Space initiative. We are building the first-of-its-kind proprietary satellites equipped with radar, and launching them into space to improve weather forecasting technology for everyone on Earth. 

How we roll: We work in an “one office” environment. We believe that magic happens when people work together. Together also includes Zoom meetings, flexible hours and unlimited vacation days. Your success is achieved by your impact and deliveries and not by the hours you put in. We believe in transparency and directness, putting work before ego and empathy. We grow fast and move faster but we always see people first. Each person has their own career growth path for we believe that the only way for the company to grow is if you grow.