Information Security Analyst

Job Title: Information Security Analyst Job Summary: We are seeking a highly motivated Information Security Analyst to safeguard the organization's information systems, networks, applications, and data assets from cyber threats. The ideal candidate will be responsible for monitoring security events, identifying vulnerabilities, conducting risk assessments, responding to security incidents, and ensuring compliance with security policies and industry regulations. This role plays a critical part in maintaining the confidentiality, integrity, and availability of organizational information. Key Responsibilities: Monitor security alerts, logs, and events across enterprise systems and networks. Conduct vulnerability assessments and security risk analyses. Investigate and respond to security incidents, breaches, and suspicious activities. Implement and maintain security controls, policies, and procedures. Perform security audits and compliance assessments. Analyze threats and recommend mitigation strategies. Support identity and access management (IAM) initiatives. Collaborate with IT, DevOps, Cloud, and Development teams to strengthen security posture. Assist in disaster recovery and business continuity planning. Create and maintain security documentation, incident reports, and audit findings. Conduct security awareness training and educate employees on cybersecurity best practices. Stay updated on emerging cyber threats, attack vectors, and security technologies. Required Skills: Strong understanding of cybersecurity principles and best practices. Knowledge of network security, endpoint security, and application security. Experience with security monitoring and incident response processes. Understanding of risk management and security governance. Strong analytical, troubleshooting, and problem-solving abilities. Excellent communication and documentation skills. Technical Skills: Security Tools: Splunk, QRadar, ArcSight, Sentinel, ELK Stack Vulnerability Management: Nessus, Qualys, Rapid7 Endpoint Security: CrowdStrike, Microsoft Defender, Symantec Identity Management: Active Directory, Azure AD, Okta Network Security: Firewalls, IDS/IPS, VPNs Operating Systems: Windows, Linux, Unix Cloud Security: AWS, Azure, GCP Scripting: Python, PowerShell, Bash Security Frameworks: NIST, ISO 27001, CIS Controls Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field. Professional certifications are highly preferred: CompTIA Security+ CEH (Certified Ethical Hacker) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) GIAC Security Certifications Experience: 2-6 years of experience in Information Security, Cybersecurity, SOC Operations, or Risk Management. Experience with security monitoring, incident response, and vulnerability management. Familiarity with compliance frameworks and regulatory requirements. Experience working in enterprise IT environments. Preferred Qualifications: Experience in Security Operations Center (SOC) environments. Knowledge of cloud security and DevSecOps practices. Familiarity with penetration testing and ethical hacking concepts. Understanding of data privacy regulations such as GDPR, HIPAA, SOC 2, and PCI-DSS. Experience with threat intelligence platforms and threat hunting activities. Preferred Qualities: Strong attention to detail and security-focused mindset. Ability to work effectively during high-pressure security incidents. Excellent investigative and analytical skills. Strong teamwork and stakeholder collaboration abilities. Passion for cybersecurity and continuous learning. Employment Type: Full-Time Location: Remote / Hybrid / On-site Nice to Have: Experience with SIEM implementation and security automation. Knowledge of Cloud Security Posture Management (CSPM) tools. Experience with security compliance audits and governance initiatives. Familiarity with Zero Trust Architecture and modern security frameworks. Experience supporting enterprise SaaS, Cloud, Financial Services, Healthcare, or Government environments.