Security Analyst

Job Description

<h3>Job Description</h3><p>Job Description<p><p><strong>Security Analyst</strong></p><p>Key Responsibilities</p><p><strong>Security Monitoring & Incident Response</strong></p><ul><li><p>Partner closely with a managed security service/SOC provider to oversee threat monitoring, investigations, incident response activities, and security reporting.</p></li><li><p>Review and analyze security events, alerts, and logs to identify suspicious activity and potential risks.</p></li><li><p>Take ownership of security incidents from initial triage through containment, remediation, and post-incident review.</p></li><li><p>Administer identity and access management across enterprise systems and applications.</p></li><li><p>Assist in maintaining secure configurations across on-prem, network, and cloud-based environments.</p></li></ul><p><strong>Risk Management & Compliance</strong></p><ul><li><p>Design, implement, and maintain security controls, tools, and procedures to minimize organizational risk.</p></li><li><p>Lead and support vulnerability management activities, including identification, prioritization, and remediation tracking.</p></li><li><p>Perform security reviews, risk assessments, and internal audits to ensure alignment with security policies and regulatory frameworks.</p></li><li><p>Contribute to the development, implementation, and enforcement of security standards and policies.</p></li></ul><p><strong>Governance & Continuous Improvement</strong></p><ul><li><p>Produce clear security documentation, metrics, and reports for technical and non-technical stakeholders.</p></li><li><p>Work collaboratively with IT, engineering, and business teams to embed security best practices into new systems and initiatives.</p></li><li><p>Support security awareness and training efforts to reduce human-related security risks.</p></li><li><p>Monitor threat intelligence sources to stay ahead of emerging threats and attack trends.</p></li><li><p>Continuously evaluate and recommend improvements to security processes, tooling, and technologies based on industry best practices and lessons learned.</p></li></ul><p>Qualifications</p><ul><li><p>Post-secondary education in computer science, information security, or a related discipline, or equivalent professional experience (approximately 5+ years).</p></li><li><p>Formal security training and/or industry certifications (e.g., Security+, CISSP, GIAC) are considered an asset.</p></li><li><p>Strong technical foundation across core IT domains, including networking, virtualization, containers, cloud platforms, and infrastructure technologies.</p></li><li><p>Self-driven, proactive, and able to work independently while collaborating effectively with cross-functional teams.</p></li></ul></p></p>