Senior Information Security Analyst
New York City
Yext
Yext is the leading digital presence platform for multi-location brands, powering the knowledge behind every customer engagement.Yext (NYSE: YEXT) is building the next big thing in AI search, and the next big thing is answers.
With the explosion of information and data online, search has never been more important. However, while the world of consumer search has innovated over time, enterprise search has not. In fact, the majority of enterprise search is powered by outdated keyword technology that only scans for keywords and delivers a list of hyperlinks rather than actually answering questions. Yext, the AI Search Company, offers a modern, AI-powered Answers Platform that understands natural language so that when people ask questions about a business online they get direct answers – not links.
We have a big, audacious mission to transform the enterprise with AI search. To achieve that, we need bright minds and diverse perspectives to join our growing company and help us continue to disrupt an industry. Does this sound like you?
Yext is actively seeking a Sr. Analyst, Information Security reporting into the Director of Information Security, Risk and Compliance. This role is critical to mapping our Information security strategy with Security disciplines and compliance requirements. This role will focus on the company’s Vendor management process, participate in security incident management, monitor intrusion detection, and prevention system logs within SIEM, perform information systems auditing, manage and monitor desktop security incidents.
The Ideal candidates will have a deep understanding of security fundamentals, technology, applications, managed services, industry best practices, business processes and architectural frameworks and patterns to drive security maturity and privacy initiatives that meet Yext’s security objectives. They will be a security generalist with impeccable judgment and discretion, excellent troubleshooting skills, deep understanding of network and information security issues, and solid experience in many of the following areas:
What You'll Do
⦁ Executing implementation, design, and execution of third party risk related projects at a professional services firm or enterprise;
⦁ Understanding technical and operational standard industry practices involving third party risk management regulations/standards to build programs, risk assessments and business processes;
⦁ Maintain vendor tracking list and/or database containing important contract dates and milestones and input/track in Company’s risk management system, as applicable.
⦁ Understanding common Third-party risk-related issues currently faced in one or more industry sectors; and, conducting quantitative and qualitative analyses of large and complex data.
⦁ Support company’s efforts to adopt security practices consistent with various frameworks, most commonly the NIST Cybersecurity Framework
⦁ Perform security monitoring and incident response of cybersecurity events for proper determination of being considered a cybersecurity event.
⦁ Research and develop security testing techniques, and processes to support security assessments
⦁ Ability to conduct packet level analysis on the session and surrounding traffic of an IDS alert
⦁ Capability to perform basic IDS (Snort, Suricata, Bro/Zeek, etc.) rule creation and tuning based on indicators in network traffic
⦁ Research security enhancements and make recommendations to management
⦁ Work collaboratively with other company members and internal senior management
⦁ Basic technical writing skills for incident report writing, customer interaction, and process documentation
What You Have
⦁ Bachelor’s Degree in Information Technology or related field of study.
⦁ 5+ years of relevant work experience in infrastructure or Security Engineering including management of technical teams.
⦁ Good understanding of modern security frameworks and offensive security toolkits.
⦁ Self-motivated team player that is energetic, with excellent interpersonal, organizational, and conflict-resolution skills
⦁ Strong problem-solving, critical thinking, and analytical skills.
⦁ A high degree of flexibility, independence, initiative, and detail orientation.
⦁ Ability to present complex ideas in easy-to-understand language.
⦁ Desire and ability to learn on a continual basis and quickly apply that learning to client activities; strong desire to take ownership of initiatives
⦁ Strong written and verbal communication skills
⦁ Industry certification(s) strongly preferred (A+, Security+, Network +, SSCP, etc.)
⦁ Understanding of basic risk assessment approaches/methodologies
#LI-JM1
Yext is committed to building an inclusive and diverse culture where every person is seen, heard and valued. We believe in equal employment opportunity and welcome employees and applicants of all races, colors, ethnicities, religions, creeds, national origins, ancestries, genetics, sexes, pregnancy or childbirth, sexual orientations, genders (including gender identity or nonbinary or nonconformity and/or status as a trans individual), ages, physical or mental disabilities, citizenships, marital, parental and/or familial status, past, current or prospective service in the uniformed services, or any characteristic protected under applicable law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you require a reasonable accommodation in completing this application, interviewing, or participating in the employee selection process, please complete this form.
Tags: Audits Compliance IDS Incident response Intrusion detection Monitoring NIST Offensive security Privacy Risk assessment Risk management Security assessment Security strategy SIEM Snort SSCP Strategy Vendor management
Perks/benefits: Flex vacation Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs