Security Analyst

Posted 27 days agoViewed

View full description

💎 Seniority level: Middle, 3+ years

📍 Location: US, Canada

🔍 Industry: Fraud Prevention and AML Compliance

🏢 Company: Sardine👥 101-250💰 $70,000,000 Series C about 2 months agoCryptocurrency Fraud Detection FinTech Software

⏳ Experience: 3+ years

🪄 Skills: AWSCloud ComputingCybersecurityCommunication SkillsAnalytical SkillsProblem SolvingLinuxAttention to detailComplianceTeamworkTroubleshootingRisk ManagementScripting

Requirements:

3+ years working in a fast-paced role.
Strong understanding of security frameworks and standards (e.g., NIST, ISO 27001, SOC 2).
Knowledge of relevant regulations and compliance requirements (e.g., HIPAA, PCI DSS, GDPR).
Experience with security tools and technologies, such as SIEM, vulnerability scanners, intrusion detection/prevention systems, and firewalls.
Familiarity with risk assessment methodologies and frameworks.
Experience in developing and implementing security policies, standards, and procedures.
Strong analytical, problem-solving, and incident response skills.
Excellent communication and interpersonal skills, with the ability to effectively interact with technical and non-technical stakeholders.
Ability to work independently and as part of a team.
Ability to travel if needed.
Working knowledge of MacOS.

Responsibilities:

Develop, implement, and maintain security policies, standards, and procedures in line with regulatory requirements (e.g., NIST, ISO 27001, HIPAA, PCI DSS, GDPR).
Conduct risk assessments to identify and mitigate threats to information assets.
Monitor and report on compliance, tracking the effectiveness of security controls.
Manage security audits, coordinate with external auditors, and address findings.
Maintain security documentation and ensure alignment with evolving regulations.
Provide security awareness training and support incident response planning.
Monitor SIEM systems and security tools for threats and vulnerabilities.
Investigate and respond to security incidents, documenting analysis and remediation steps.
Perform vulnerability scanning, penetration testing, and security assessments.
Collaborate with IT teams to implement security controls and remediate risks.
Stay informed on emerging threats and contribute to threat intelligence initiatives.
Participate in incident response exercises and develop security reports for management.

Apply

Related Jobs

Apply

🔥 Information Security Analyst

Posted 1 day ago

📍 Canada, U.S.

🔍 Information Security

🔧 Requirements

3 - 5+ years of information security experience
Thorough knowledge of networks and cloud computing
Experience with SOC 2 Type 2
Knowledge of data protection operations and legislation (e.g. GDPR, PIPEDA, HIPAA)
Experience diagnosing and stopping cyberattacks
Experience with vulnerability scanning solutions
Experience penetration testing
Proficiency with mobile device management and endpoint management software
A thorough understanding of security best practices
Leadership and organizational skills
Ability to manage multiple projects
Outstanding communication skills
Problem-solving aptitude
Ability to troubleshoot and repair issues

💡 Responsibilities

Create and maintain security policies at TealBook
Work with SOC 2 Type 2 auditors to ensure compliance and certification
Work with customers to communicate TealBook’s security stance and gather security requirements
Guide and collaborate with software engineers to design, implement and operate secure systems
Guide and collaborate with data engineers to design and implement data security best practices
Perform penetration testing and remediation
Perform vulnerability testing and remediation
Plan and maintain a security roadmap
Track and manage security risks

Cloud ComputingCybersecurityLDAPComplianceRisk ManagementData modelingScripting

Posted 1 day ago

Apply

🔥 Principal Security Analyst - Remote

Posted 4 days ago

📍 United States, Canada, United Kingdom, India

🔍 Cybersecurity

🔧 Requirements

5 or more years of progressing/in-depth IT security experience.
System Administration experience (Windows, Unix/Linux, Mac)
Advanced understanding of networking concepts and ability to analyze network artifacts.
Demonstrated experience in using Endpoint Detection and Response software (SentinelOne, Crowdstrike, Defender ETC.)
Advanced knowledge of at least one leading SIEM platform (Sentinel, Splunk, Elastic, IBM Qradar, Chronicle etc.)
Possess at least one industry certification Sec+, CEH, SANS Certification (e.g. GCIH, GCIA, GSEC, GMON), OSCP etc. or working towards a related certification.
Prior knowledge of SOAR platform such as Siemplify, Forti soar etc.
Basic scripting or development experience in one of the following languages: Python, JavaScript, PowerShell, bash, etc.
Exceptional written and verbal communication skills.
Demonstrated expert knowledge of the MITRE ATT&CK framework.

💡 Responsibilities

Take ownership of positive security outcomes for a designated set of customers.
Provide overall guidance, instruction, mentorship, and leadership to other Security Analysts.
Drive customer cadence calls and act as trusted advisor to customers.
Develop custom dashboards and reports for regular customer status updates.
Ensure quality of SOC deliverables to the Principal Analyst’s customers.
Perform Threat Hunting on customer networks to detect, isolate threats and provide recommendations.
Provide proactive security investigation and searches on client environment to detect malicious activities.
Expert-level Strategic Analysis of customer security posture, risk level, and security data.
Update documentation and runbooks to ensure repeatable analysis.
Advise Detection Engineering, Automation Engineering, and Telemetry Engineering on technology improvements to close gaps in customer security posture.
Document and communicate recommendations and guidelines based on results of analysis.
Maintain current knowledge and understanding of threat landscape.

PythonSQLBashCybersecurityData AnalysisCommunication SkillsAnalytical SkillsCI/CDProblem SolvingCustomer serviceMentoringLinuxWritten communicationDocumentationNetworkingReportingActive listeningRisk ManagementScripting

Posted 4 days ago

Apply

🔥 Cyber Security Analyst (Tier 2)

Posted 21 days ago

📍 United States

💸 70000.0 - 85000.0 USD per year

🔍 Cybersecurity

🏢 Company: CyberSheath

🔧 Requirements

Minimum of 3 years’ experience in Threat Analysis and Threat intelligence
At least 2 years' experience working in a SOC
First-hand working experience with industry leading SIEM/SOAR tooling/providers
Prior experience with Sumo Logic, Google Chronicle, Azure Sentinel is a strong plus
Advanced understanding of query languages
Working Kusto (KQL) knowledge is a plus
Networking experience (TCP/IP, Routing, RFC 1918, VPN/Zero-Trust Networking)
Strong experience with Office 365 / Entra ID Ecosystems
GCC-High Experience is a plus
Possess strong troubleshooting, problem-solving, and verbal/written communication skills
Excellent communication skills to communicate with support personnel, customers, and managers
Demonstrated ability to work in a team environment
Must be a U.S. Citizen and reside within the United States or its Territories

💡 Responsibilities

Analyze, respond, document and report on potential security incidents identified in customer environments
Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets
Serve as an incident coordinator for security events that require urgent response, containment, and remediation
Develop and maintain Security tooling playbooks/runbooks
Continuously review and optimize existing technical processes, configurations, rulesets, technologies
Provide analysis on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc.
Actively research current threats and attack vectors being exploited in the wild
Actively work with associate analysts and perform investigations on escalations
Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach

CybersecurityAzureLinuxComplianceNetworkingRisk Management

Posted 21 days ago

Apply

🔥 Information Security Analyst

Posted 29 days ago

📍 United States

🧭 Full-Time

🔍 Logistics

🏢 Company: Roadie👥 1-10💰 $37,000,000 Series C about 6 years agoInternet Automotive Shipping Apps Software

🔧 Requirements

4+ years of experience in information security, including audit and compliance work
Familiarity with HIPAA, SOC 2, Federal, and State level compliance requirements
Relevant certifications such as CISSP, CISA, or CRISC, preferred
Strong understanding of security protocols, systems, and best practices
Experience with vulnerability assessment tools and techniques
Experience with incident response methodology
Excellent analytical, problem-solving, and communication skills

💡 Responsibilities

Conduct regular audits to ensure compliance with Roadie policies, procedures, standards, and external controls such as HIPAA and SOC 2
Develop, implement, and maintain policies and procedures to ensure ongoing security and compliance
Prepare and maintain documentation for all audit processes and findings
Coordinate with external auditors and facilitate the audit process
Identify and rectify compliance gaps, ensuring all corrective actions are taken
Investigate and respond to security incidents, providing detailed reports and recommendations
Perform regular vulnerability assessments
Maintain up-to-date knowledge of industry standards, compliance requirements, and cybersecurity threats and trends
Conduct training sessions and create educational materials to raise awareness of security protocols and best practices among employees
Work closely with IT and other departments to ensure comprehensive security measures are in place
Communicate effectively with stakeholders about security risks and mitigation strategies

CybersecurityRESTful APIsComplianceRisk Management

Posted 29 days ago

Apply

🔥 IT Security Analyst

Posted about 1 month ago

📍 United States

🧭 Full-Time

🔍 Driver & Vehicle solutions for government entities

🔧 Requirements

Bachelor's degree in Computer Science (or similar) or an equivalent combination of relevant education and work experience
Knowledge of vulnerability management (scanning, reporting)
SIEM – network and agent based (installation, operation, triage)
Centralized log management
Compliance frameworks (NIST 800-53, SOC II, ISO 27001, PCI-DSS)
ITIL
2 or more years in an IT operations related position
1 or more years in an IT security related position is considered an asset
Automation Languages: Python, Ruby, Bash, PowerShell
O/S: Linux/Unix, Windows
Security Technologies: IAM, MFA, H/NIDS, Traditional Perimeter and Endpoint security
Cloud: Azure and/or AWS
Software: MS O365
Experience with Open-Source projects is considered an asset

💡 Responsibilities

Collaborate with Risk and Compliance personnel to gather evidence for Compliance requirements (SOC II, ISO 27001, PCI, NIST 800-53, etc.).
Develop and implement processes for evidence collection, ensuring accuracy, completeness and timeliness in response to audit requests.
Collaborate with stakeholders to address compliance gaps and implement corrective actions.
Design, implement and maintain automated processes within the SIEM environment to enhance threat detection, incident response and log management.
Collaborate with cross-functional teams to integrate security controls and enhance the overall effectiveness of the SIEM solution.
Develop and maintain automated responses to common security incidents.
Monitor SIEM alerts and investigate security incidents to determine the root cause and appropriate remediation actions.
Design, implement and maintain automated security processes to enhance efficiency and reduce response times.
Prioritize and remediate identified vulnerabilities in collaboration with system owners and IT teams.
Create and maintain documentation related to security policies, procedures and configurations.
Communicate security risks and findings to technical and non-technical audiences effectively.
Build relationships with stakeholders across groups to understand needs and requirements and the associated notification process.

AWSBashCybersecurityAzureLinuxCompliance

Posted about 1 month ago

Apply

🔥 Security Analyst

Posted about 1 month ago

📍 United States, Canada

🧭 Full-Time

💸 114750.0 - 120000.0 USD per year

🔍 Biotechnology

🏢 Company: Benchling👥 501-1000💰 $100,000,000 Series F over 3 years agoBiotechnology Life Science Software

🔧 Requirements

1+ years of Incident Response experience
Experience participating in multi-team incidents
Practical experience with attacker tactics and techniques
Experience with cloud environments and automation
Experience in at least one scripting language, preferably Python

💡 Responsibilities

Coordinate investigations across the organization
Drive multi-functional incident response
Build efficient processes for handling investigations

PythonCloud ComputingScripting

Posted about 1 month ago

Apply

🔥 Security Analyst

Posted about 1 month ago

📍 Philadelphia, Pennsylvania; Boston, Massachusetts; New York City, New York; Baltimore, Maryland; Washington, D.C.; Charlotte, North Carolina; Raleigh-Durham, North Carolina; Atlanta, Georgia; Chicago, Illinois; CT, DE, FL, GA, IL, IN, MA, MD, MI, NC, NJ, NY, OH, PA, TN, and VA

🧭 Full-Time

🔍 Information Security

🏢 Company: HealthVerity👥 101-250💰 $100,000,000 Series D almost 4 years agoInformation Services Information Technology Health Care

🔧 Requirements

2-5 years information security and/or system administration experience under Linux-focused on patching, configuration management, and vulnerability remediation
ISC2, SANS or similar security certifications
Working knowledge of Nmap, Nessus, OpenVPN, tcpdump, OpenSSL and other security related tools
Comfortable with scripting in Python and Bash
Understanding of data network configuration and infrastructure concepts, including TCP/IP, DNS, routers, internet/intranet/extranet, firewalls, web servers and security hierarchy including the application of encryption key infrastructures and authentication processes

💡 Responsibilities

Manage and triage security incidents and events daily
Own operational security tool administration and optimization of configuration settings
Perform scanning activities and ensuring records are created to document and track vulnerabilities
Ensure our logging system configuration is consistent with policy and procedure requirements and generates reports that aid in incident response and investigation
Participate in select security led projects to expand and/or improve security capabilities
Research InfoSec trends, analyze threat intelligence reports via subscribed feeds and recommend security posture changes
Aid in identifying procedure maintenance and create documentation as needed
Participate in Contingency Planning and Incident Response exercises

PythonSQLBashCybersecurityLinuxComplianceRisk ManagementScripting

Posted about 1 month ago

Apply

🔥 Security Analyst

Posted about 2 months ago

📍 United States

🧭 Full-Time

🔍 Simulation & Training

🔧 Requirements

Willingness to learn and develop cybersecurity skills in a dynamic environment

💡 Responsibilities

Help safeguard our information systems
Support compliance with cybersecurity frameworks such as NIST 800-171 and CMMC
Assist with optimizing our security technologies
Contribute to proactive and effective security practices across the organization

CybersecurityCompliance

Posted about 2 months ago

Apply

🔥 Senior Security Analyst- 3 Month Project

Posted about 2 months ago

📍 United States

🧭 Contract

🔍 Software Development

🏢 Company: Blooming Health👥 11-50💰 $4,200,000 Seed over 1 year agoApps Wellness Health Care Software

🔧 Requirements

Strong background in configuring and managing SIEM/SOAR platforms (e.g., Splunk, QRadar, Sentinel, Cortex XSOAR) from scratch.
Proven record establishing ITSM processes (Incident, Change, Configuration Management) in a mid-to-large enterprise environment.
Hands-on experience setting up vulnerability management solutions (e.g., Nessus, Qualys) and coordinating remediation efforts.
Comfortable with scripting/automation (Python, PowerShell, Bash) to integrate disparate systems and automate workflows.

💡 Responsibilities

Plan and Implement SIEM/SOAR Solutions
Establish and Refine ITSM Processes
Vulnerability Management Program
Audit Evidence Collection and Coordination
Collaboration and Stakeholder Management
Tool Configuration and Integration
Incident Response and Coordination
Technical Security Training
Continuous Improvement and Strategy

AWSPythonBashAzureChange Management

Posted about 2 months ago

Apply

🔥 Product Security Analyst, Events Team

Posted about 2 months ago

📍 United States, United Kingdom

🧭 Full-Time

💸 115000.0 - 130000.0 USD per year

🔍 Information Security

🏢 Company: HackerOne👥 201-500💰 $49,000,000 Series E about 3 years ago🫂 Last layoff over 1 year agoInternet Computer Network Security

🔧 Requirements

3+ years of experience in security testing or ethical hacking
Proven experience with vulnerability disclosure and bug bounty
Strong knowledge of OWASP top 10
Experience using security testing tools including Burpsuite
Familiarity with CVSS frameworks

💡 Responsibilities

Evaluate vulnerability reports submitted by hackers
Collaborate with hackers to understand complex vulnerabilities
Ensure clear communication between hackers, customers, and teammates
Reproduce reported vulnerabilities and compose technical summaries
Identify and solve issues proactively

Cybersecurity

Posted about 2 months ago

Apply