Senior Information Security Analyst

Job Description

We are seeking a highly skilled and experienced Information Security Engineer to join our dynamic team. The ideal candidate will possess extensive hands-on experience in Cloud/Azure infrastructure with a strong focus on networking, system hardening, and security operations.

This role is essential for maintaining the security and integrity of our enterprise infrastructure, encompassing a broad range of responsibilities and technologies, including cloud environments, antivirus solutions, DLP, network intrusion detection/prevention systems, firewalls, email security gateways, and more.

The successful candidate will bring a deep understanding of cybersecurity principles, experience with incident response, and the ability to work collaboratively with various stakeholders. This is an excellent opportunity for a seasoned professional to contribute to the ongoing enhancement of our security posture in a fast-paced and evolving environment.

Key Responsibilities:

• Security Monitoring & Incident Response:
  • Develop and integrate security event monitoring and incident management services.
  • Respond to security incidents as they occur, participating actively in incident response teams.
  • Assist with playbook automation and case management to streamline security operations.
• Infrastructure Security Management:
  • Implement and maintain a baseline of system security, informed by the latest threat intelligence and industry trends.
  • Regularly review and assess cybersecurity tools, identifying gaps, and recommending improvements.
  • Maintain and manage Microsoft directory services (both on-prem and cloud-based).
  • Support and mentor Junior Analysts in managing Security Operations Center (SOC) systems.
• Cloud and Network Security:
  • Implement conditional access policies, zero trust architecture, system hardening, and least privilege access controls.
  • Oversee the configuration, management, and auditing of security tools including EDR, vulnerability management, firewalls, and secure email gateways.
• Process Development & Documentation:
  • Produce and maintain detailed documentation to ensure the standardization and repeatability of security procedures.
  • Develop additional investigative methods using a wide range of toolsets to enhance threat detection and analysis.
  • Liaise with SOC engineers to maintain up-to-date security alert dashboards, facilitating faster incident response.
• Strategic Security Guidance:
  • Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices.
  • Offer strategic and tactical security guidance, including the evaluation of technical controls and risk assessments.
  • Participate in root cause analysis of incidents, working with engineers across the enterprise to improve security resilience.