IT Security Analyst II

IT Security Analyst II

The IT Security Analyst II is responsible for monitoring, analyzing, and remediating security threats across the organization's IT environment. This role supports day-to-day security operations while also taking ownership of recurring security processes, incident investigation, control administration, compliance documentation, and security improvement initiatives. The analyst will work closely with IT, the Security Operations Center (SOC), business stakeholders, and external partners to strengthen email security, endpoint protection, identity and access management, cloud productivity platform security, security awareness, and audit readiness.

Primary Responsibilities

• Monitor, triage, and investigate reported phishing attempts, suspicious emails, account activity, endpoint events, and other user-reported or system-generated security incidents; coordinate containment, remediation, and escalation as required.
• Review and analyze alerts from SOC services, SIEM platforms, endpoint protection tools, identity systems, Microsoft 365 security controls, and threat intelligence sources; identify trends, false positives, recurring risks, and opportunities for improved detection.
• Tune and maintain email security controls, including spam, phishing, impersonation, and malware filtering; recommend and implement rule changes to reduce risk while minimizing business disruption.
• Administer phishing simulation campaigns, security awareness training, user follow-up, and reporting; partner with IT and business leaders to improve user resilience against social engineering threats.
• Administer and support endpoint protection, internet security, zero-trust desktop controls, and related security platforms; assist with configuration reviews, exception handling, policy updates, and troubleshooting.
• Monitor Microsoft 365 user account security, email activity, conditional access signals, risky sign-ins, and related security posture indicators; support remediation of compromised or high-risk accounts.
• Support vulnerability management and security hygiene activities by reviewing findings, coordinating remediation with IT teams, validating corrective actions, and documenting risk exceptions where appropriate.
• Maintain ISMS records, evidence repositories, control documentation, incident records, and audit support materials for ISO 27001 and other compliance or customer-driven security requirements.
• Participate in incident response activities, risk assessments, tabletop exercises, process improvement initiatives, and security projects; contribute practical recommendations that reduce operational risk and improve security maturity.
• Prepare recurring metrics, status updates, and management-level summaries related to security incidents, user awareness, control effectiveness, compliance activities, and open remediation items.
• Provide security guidance to IT staff and non-technical users, balancing risk reduction with business continuity and practical user support.

Health, Safety, and Environmental Responsibilities

• All employees are responsible for supporting Audubon Companies' Health, Safety, and Environmental (HSE) policies and procedures. This includes:
• Performing duties in a manner that protects personal and team health and safety
• Participating in required HSE training, meetings, and reporting activities
• Identifying and reporting hazards, near misses, and unsafe conditions
• Following safe work practices and complying with applicable regulatory requirements

Experience and Skill Requirements

• Bachelor's degree in Information Security, Computer Science, Engineering, Information Technology, or related field, or equivalent combination of education, training, and experience.
• Three to five years of experience in IT security, cybersecurity operations, infrastructure security, identity administration, incident response, or a closely related IT role.
• Hands-on experience with security tools and platforms such as SIEM, endpoint detection and response, endpoint protection, email security, identity and access management, vulnerability management, and Microsoft 365 security administration.
• Working knowledge of phishing analysis, incident triage, endpoint investigation, identity-related threats, cloud productivity platform security, and common attack techniques.
• Experience administering or supporting Okta, Microsoft 365, endpoint protection, internet security, and zero-trust or conditional access controls preferred.
• Understanding of ISMS practices, security policies, risk management, audit evidence collection, and compliance frameworks such as ISO 27001.
• Ability to analyze security events, document findings clearly, prioritize risk-based remediation activities, and communicate practical recommendations to technical and non-technical audiences.
• Strong written and verbal communication skills in English; Spanish proficiency is a plus but is not required.
• Ability to work independently, manage recurring security responsibilities, collaborate across teams, and support occasional after-hours incident response or planned security activities when business needs require.
• Relevant certifications such as CompTIA Security+, CySA+, SSCP, GSEC, CISSP, CISM, or Microsoft security certifications are preferred.

No Recruiters, please!

Equal Opportunity Employer/Veterans/Disabled