Information Security Analyst Position Overview
Join our dedicated team at our Danbury facility, where your role will be pivotal in safeguarding our data across on-premises and cloud-based applications. This hands-on position is ideal for individuals passionate about security, equipped with a strong technical background, and adept at addressing technical challenges.
Key Responsibilities
- Implement security controls using the Center for Internet Security (CIS) Controls framework to uphold robust security protocols and procedures.
- Develop and manage security measures for information systems to prevent breaches, detect vulnerabilities, and manage risks.
- Conduct regular system audits to ensure compliance with security standards.
- Utilize AI in data security and protection strategies.
- Collaborate with IT teams to integrate security practices into the development lifecycle.
- Provide training and guidance to IT staff on best practices in cybersecurity.
- Stay updated with the latest trends and technologies in cybersecurity.
- Assist with updating and reviewing the System Security Plan (SSP).
- Create and implement security controls such as firewalls and encryption, and advise on configurations for security tools.
- Assess, categorize, and address security events and vulnerabilities before they escalate.
- Identify security gaps and propose enhancements to existing security controls.
- Engage in cybersecurity projects to ensure timely delivery in line with information protection requirements.
- Maintain partnerships with Managed Security Services Providers.
- Oversee vulnerability management, including categorization, risk evaluation, and remediation implementation.
- Handle patch management for servers and endpoints.
- Participate in an on-call rotation for emergency events, such as outages and cyber incidents.
Qualifications
- Education: A Bachelor's degree in Information Technology, Compliance, Information Management, Infrastructure, or Information Security.
- Experience: 5 to 7 years of relevant work experience.
- Technical Skills:
- Proficiency with Rapid7 and NextGen AV systems.
- Hands-on experience with AI models and information security frameworks (e.g., CIS Framework, NIST).
- Working knowledge of network technologies (switches, routers, firewalls, VPN) and security tools (DLP, antivirus, SIEM).
- Experience with cloud security (AWS, Google Cloud Platform, or Azure) and identity access management systems (IAM).
- Familiarity with HIPAA and FDA regulated environments is preferred.
- Skills:
- Strong analytical skills and experience in Cybersecurity and Information Systems.
- Ability to propose and implement solutions for addressing vulnerabilities.
- Experience with SIEM, configuration management, and vulnerability scanning.
What We Offer
- A dynamic work environment with a mix of onsite and remote flexibility.
- Opportunities for professional growth and development.
- A collaborative team culture dedicated to innovation and security excellence.
Employment Type: Full-Time