Information Security Analyst I

Information Security Analyst I

Join Laserfiche as an Information Security Analyst I and play a hands-on role in defending the systems that power a global leader in digital transformation. In this dynamic position, you'll dive into real security operations—monitoring, detection engineering, vulnerability management, and security configuration—while helping grow the enterprise security program. You'll work across cloud and on-prem environments, implementing and continuously improving security controls that safeguard critical applications, data, and infrastructure. This is a highly collaborative role where you'll partner with teams across ITS, the Business Transformation Office, GRC, Development, and more to ensure Laserfiche's security posture is strong, scalable, and aligned with business goals. If you're passionate about hands-on security work, eager to learn, and excited to make a direct impact on enterprise protection, this role offers the opportunity to grow, innovate, and contribute from day one.

Location: Hybrid: Three days per week (Tuesday, Wednesday and Thursday) in-office in Long Beach, CA. Remote work from home on Mondays and Fridays. Periodic after-hours support may be required for security incidents or maintenance activities.

About the Role - Key Responsibilities:

• Configure and manage security tools including endpoint detection and response (EDR), SIEM, vulnerability management platforms, email security, identity and access management (IAM) and other security technologies.
• Support ITS and Development teams in integrating security controls into system architecture and deployment workflows.
• Assist in the evaluation and implementation of new security technologies to enhance prevention, detection and response capabilities.
• Safeguard Laserfiche information in accordance with Laserfiche Information Security Policies.

• Monitor security events and alerts from SIEM, EDR, cloud-native logging tools and other detection platforms.
• Perform triage, investigation and root cause analysis of security incidents and suspicious activity.
• Support incident response efforts in coordination with ITS and business stakeholders.
• Develop and tune detection rules, alerts and automated response playbooks to improve security visibility and reduce false positive rates.
• Document incidents, response actions and lessons learned to strengthen operational maturity.
• Participate in tabletop exercises and incident response testing activities.

• Perform recurring vulnerability scans across infrastructure, endpoints, applications and cloud environments.
• Validate findings, prioritize remediation based on risk and track mitigation progress with system owners.
• Conduct configuration reviews and security assessments of systems and cloud resources.
• Stay current on emerging threats, vulnerabilities and exploit techniques, and recommend appropriate countermeasures.
• Partner with ITS and Development teams to drive timely remediation of security findings.

• Support security configuration and monitoring of cloud and SaaS environments including AWS, Microsoft 365 and Okta.
• Review IAM roles, policies and permissions to enforce least privilege and proper access controls.
• Assist in the secure implementation of new cloud services and infrastructure changes.

• Contribute to security awareness initiatives, including phishing simulations, training content and employee communications to promote a security-conscious culture.
• Provide technical security guidance to internal stakeholders and assist in responding to security-related customer or vendor inquiries.
• Support internal audits and compliance initiatives by gathering technical evidence of control implementation.
• Participate in risk assessments, vendor reviews and architecture design discussions.
• Help refine security policies, standards and procedures based on operational experience.

About You - Essential Qualifications:

• Bachelor's degree in cybersecurity, information systems, computer science or related field.
• Experience in security operations, information security or a related technical role.
• Relevant certifications such as Splunk, Security+, CySA+, BTL1, PSAA or AWS Cloud Practitioner are preferred.
• Experience supporting on-premises, hybrid and cloud environments.
• Foundational understanding of security operations, including monitoring, incident response and vulnerability management.
• Familiarity with SIEM platforms (Splunk preferred), EDR solutions and vulnerability management tools.
• Foundational understanding of network security principles including segmentation, firewall management, VPN technologies and traffic analysis.
• Experience with Windows and Linux system administration and hardening practices.
• Awareness of common attack frameworks such as MITRE ATT&CK and prevalent adversary techniques.
• Strong analytical and problem-solving skills with attention to detail.

The salary range varies, and pay is based on several factors including but not limited to education, certifications (if applicable), candidate's geographic region, job-related knowledge, skills and years of experience amongst other factors.

• $40.87 - $52.88 per hour

Perks & Benefits at a Glance

• Generous time off: 15 Days of Vacation, 3 Floating Holidays, 2 Paid Volunteer Days, 9 Paid Holidays
• Hybrid Work Environment
• Free Parking: covered and EV charging stations
• Various 401 (k) Investment Options and Generous Company Match
• HMO and PPO Medical Care Options

Applicants must be authorized to work for Laserfiche in the United States on a full-time basis without the need for employer sponsorship. We are unable to sponsor new employment visas, or take over sponsorship of existing employment visas, at this time.