This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

The Information Security Analyst is responsible for protecting an organization’s computer systems, networks, and data from security threats. This role involves monitoring security systems, analyzing incidents, implementing security controls, and ensuring compliance with security standards. The analyst works closely with IT teams to identify vulnerabilities, respond to cyber incidents, and support the overall cybersecurity strategy.

Key Responsibilities

• Security Monitoring & Incident Response
  • Monitor security events, alerts, and logs using SIEM and other monitoring tools.
  • Investigate potential security incidents and take remedial action.
  • Conduct root-cause analysis and document findings.
  • Respond to security breaches and support incident resolution processes.
• Vulnerability & Risk Management
  • Perform routine vulnerability scans and risk assessments.
  • Assist in patch management and mitigation strategies.
  • Track and report security risks, ensuring timely remediation.
• Security Tools & Technologies
  • Maintain and configure security tools such as firewalls, endpoint protection, IDS/IPS, and DLP systems.
  • Support deployment and tuning of SIEM solutions.
  • Evaluate new security technologies and assist with implementation.
• Policy, Compliance & Governance
  • Support compliance initiatives such as ISO 27001, NIST, SOC 2, GDPR, or HIPAA.
  • Assist in developing and maintaining security policies, procedures, and standards.
  • Participate in internal and external audits.
• Security Awareness & Training
  • Collaborate with HR/IT to conduct employee cybersecurity training.
  • Help develop awareness content on phishing, password hygiene, and secure practices.
• Documentation & Reporting
  • Prepare technical documentation, risk assessments, and incident reports.
  • Provide regular updates to leadership on security posture and incidents.

Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
• 1–3 years of experience in information security, IT systems, or network administration.
• Knowledge of common security frameworks (e.g., NIST CSF, ISO 27001).
• Familiarity with security tools: SIEM, IDS/IPS, endpoint security, vulnerability scanners.
• Understanding of networking concepts (TCP/IP, DNS, firewalls, VPN).
• Strong analytical, troubleshooting, and communication skills.

Preferred Qualifications

• Industry certifications such as:
  • CompTIA Security+
  • Certified Ethical Hacker (CEH)
  • GIAC Security Essentials (GSEC)
  • Certified Information Systems Security Professional (CISSP) (associate level acceptable)
• Experience with cloud platforms (AWS, Azure, GCP) and cloud security tools.
• Familiarity with scripting languages (Python, PowerShell, Bash).