Information Security Analyst I

We are seeking a proactive and detail-oriented Information Security Analyst I to safeguard our organization's systems and data by driving our primary vulnerability management lifecycle. In this role, you will hands-on manage our vulnerability scanning infrastructure (Tenable), actively research newly disclosed threats, maintain the daily security ticket queue, and triage incoming security alerts. You will act as a crucial bridge between the security team and IT infrastructure owners to ensure robust remediation and continuous security posture improvement.

This role will sit in Camden NJ 5 days in office. 

• Vulnerability Management & Tool Administration

  • Scan Administration: Configure, schedule, and maintain regular authenticated and unauthenticated vulnerability scans leveraging our existing toolset ( Tenable ).
  • Threat & Vulnerability Research: Actively monitor threat intelligence feeds to research newly released vulnerabilities (e.g., zero-days, CISA KEVs) and evaluate their potential impact and exposure within our specific environment.
  • Remediation Tracking: Proactively identify, prioritize, and assess vulnerabilities to design actionable remediation plans. Partner collaboratively with IT infrastructure and system owners to track remediation efforts to completion.
  • Tool Optimization: Continuously tune scanning profiles and logic to minimize false positives and maximize asset coverage.

  Alert Triage & Incident Response

  • Queue Management: Take ownership of managing the daily security ticket queue, ensuring incoming security requests, findings, and tasks are categorized, prioritized, and actioned within established SLAs.
  • Alert Triage: Monitor security tools and computer networks to detect, triage, and investigate incoming security alerts, anomalies, and potential breaches.
  • Data Correlation: Conduct deep-dive research, analysis, and event correlation across a wide variety of log sources and data sets during investigations.

  Documentation, Strategy & Reporting

  • Reporting: Prepare clear status reports, KPIs, and presentations documenting vulnerability metrics and scanning results suitable for peers, system owners, and senior leadership.
  • Policy & Documentation: Ensure security documentation, standard operating procedures (SOPs), and patching standards are accurate, maintained, and up to date.
  • Threat Landscape Awareness: Monitor the evolving threat landscape to understand how emerging vulnerabilities could impact our environment and highlight recurring security gaps to the team.
  • General Duties: Perform other duties and responsibilities as required by the role and determined by management.

• • BA/BS degree strongly preferred, will consider comparable work experience.
  • 0-2 years of relevant experience is preferred.
  • Entry level professional with limited or no prior experience.
  • Focuses on learning professional skills and role-specific knowledge through on-the-job training and experiences.

  We are excited to share that the base salary range for this position is $75,796.50 - 101,062.00. This position is also eligible for an annual discretionary bonus, targeted at 3%. NFI takes into consideration applicants' qualifications, experience, education, and geographic location when determining a starting rate of pay.

   

  Employees are also eligible for a robust benefit program, which includes Medical, Dental, Vision, Prescription Drug Coverage, 401k Plan, Wellness Program, Life Insurance, Paid Time Off, and Paid Parental Leave, among other benefit plan options.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

LA County Applicants: The Company will consider qualified applicants, including those with criminal histories, in a manner consistent with applicable state and local laws.