Description
We are seeking a dedicated Information Security Analyst to join our team at our Danbury facility. In this hands-on role, you will play a crucial part in safeguarding our data across both on-premises and cloud-based applications. If you are passionate about security, have a strong technical background, and enjoy tackling technical challenges from start to finish, we would love to hear from you.
Key Responsibilities
- Implement Security Controls: Apply the Center for Internet Security (CIS) Controls framework to maintain strong security protocols and procedures.
- Manage Security Measures: Develop and manage security measures for information systems to prevent breaches, detect vulnerabilities, and manage risk.
- Conduct Audits: Perform regular system audits to ensure adherence to security standards.
- Leverage AI: Utilize AI in data security and protection strategies.
- Collaborate: Work with IT teams to integrate security practices into the development lifecycle.
- Educate: Provide training and guidance to IT staff on cybersecurity best practices.
- Stay Updated: Keep up with the latest cybersecurity trends and technologies.
- Review Security Plans: Assist with updating and reviewing the System Security Plan (SSP).
- Develop Controls: Create and implement controls such as firewalls, encryption, and vulnerability scanning, and advise on configurations for various security tools.
- Evaluate and Remediate: Assess, categorize, and address security events and vulnerabilities before they escalate.
- Enhance Security: Identify security gaps and propose enhancements to security controls.
- Participate in Projects: Engage in cybersecurity projects to ensure timely delivery and alignment with information protection requirements.
- Maintain Relationships: Collaborate with Managed Security Services Providers.
- Manage Vulnerabilities: Oversee vulnerability management, including categorizing, evaluating risk, and implementing remediation.
- Patch Management: Handle patch management for servers and endpoints.
- On-Call Support: Participate in an on-call rotation for emergency events, including outages and cyber incidents.
Qualifications
- Education: Bachelor's degree in Information Technology, Compliance, Information Management, Infrastructure, or Information Security.
- Experience: 5 to 7 years of relevant work experience.
- Technical Skills:
- Proficiency with Rapid7 and NextGen AV systems.
- Hands-on experience with AI models and information security frameworks (e.g., CIS Framework, NIST).
- Working knowledge of network technologies (switches, routers, firewalls, VPN), and security tools (DLP, antivirus, SIEM, etc.).
- Experience with cloud security (AWS, Google Cloud Platform, or Azure) and identity access management systems (IAM).
- Familiarity with HIPAA and FDA regulated environments is preferred.
- Skills:
- Strong analytical skills and experience in Cybersecurity, Information Systems, or related disciplines.
- Ability to propose and implement solutions for closing vulnerabilities.
- Experience with SIEM, configuration management, and vulnerability scanning.
What We Offer
- A dynamic work environment with a mix of onsite and remote flexibility.
- Opportunities for professional growth and development.
- A collaborative team culture focused on innovation and security excellence.
Employment Type: Full-Time