Sr. Cyber Security Analyst

Sr. Cyber Security Analyst

Locations: Waltham, MA / Boston, MA - Hybrid / New York / Florida / Texas / Virginia / Washington - Remote

About the Role

We are seeking a Sr. Cybersecurity Analyst to join our growing team, reporting to the Director of Information Security and Privacy. In this role, you will help protect client data and ensure trust in our products by identifying risks, coordinating remediation, and supporting daily security operations. You will leverage your expertise to assess, implement, and continuously improve controls aligned with security standards. Collaborating with cross-functional teams, you will drive risk-informed decision-making, support audit readiness, and help enhance our security culture.

How You Will Make an Impact

• Support the development, implementation, and monitoring of security policies and controls, and collaborate with Global Security to ensure alignment with enterprise security standards and frameworks.
• Investigate security incidents and collaborate with internal teams for effective resolution. Coordinate post-incident reporting and remediation.
• Partner with the Vulnerability Management team to drive vulnerability remediation, recommend controls, create playbooks, and ensure fixes are completed by application and system owners within SLAs.
• Conduct periodic access reviews and report security access violations.
• Create and deliver high-quality written communications on security, compliance, and audit issues.
• Support internal security projects, automation efforts, and process improvements.
• Adopt and extend AI-assisted security tooling to reduce toil, accelerate investigations, augment, and simplify recurring security workflows.
• Collaborate with engineering teams to embed security best practices into the software development lifecycle (SDLC) and cloud environments.
• Perform security assessments of new products and services to ensure the adequacy of security and privacy.

Required Experience

• Bachelor's degree in Information Security, Computer Science, or a related field.
• 5+ years of experience in cybersecurity, risk management, or related roles.
• Strong knowledge of security frameworks and standards (e.g., NIST CSF, ISO 27001, SOC 2, CIS Controls), privacy principles, and risk management methodologies.
• Hands-on experience with security tools, including network firewalls, IDS/IPS, WAF, vulnerability management, XDR/EDR, and DLP solutions.
• Experience with evaluating and testing the security of Public Cloud (AWS, Azure).
• Strong understanding of application security, cloud security, network security, identity and access management, and cryptography.
• Excellent written and oral communication skills, with experience in drafting technical documentation and client communications.
• Hands-on experience with scripting, automation (Python, PowerShell, Bash, AI), and infrastructure-as-code security (Terraform, CloudFormation) to scale security outcomes and reduce manual work.
• Experience executing threat modeling and design reviews. In-depth knowledge of identifying and protecting against web application and API security threats.
• Industry certifications such as CISSP, CISM, CCSP, GSEC, or equivalent.

What Sets You Apart (preferred qualifications)

• Detail oriented and organized, with an ability to track multiple efforts to completion.
• Strong analytical, process and problem-solving skills.
• The desire, commitment, and ability to be a team player. Ability to manage expectations, align different points of view and gain consensus.
• Excellent time management skills to effectively manage multiple and sometimes competing priorities. Ability to develop structured plans for short-term work activities and manage own time to consistently meet agreed targets across multiple concurrent security efforts.
• Capable of working with limited direct supervision.