Job Description
The Information Security Analyst is responsible for safeguarding the organization's information assets by identifying, assessing, and mitigating security risks. This role monitors security systems, investigates potential threats, evaluates IT controls, and partners with cross-functional teams to ensure compliance with internal policies and industry best practices. The analyst will play a key role in maintaining the confidentiality, integrity, and availability of company data across on-premises and cloud environments. Essential Duties and Responsibilities Monitor security tools, dashboards, and alerts to identify and respond to threats in real time. Investigate and triage security events, escalating incidents when necessary. Conduct root-cause analysis and ensure proper remediation and documentation. Manage endpoint security policies, including antivirus, EDR/XDR, and patching compliance. Support vulnerability management programs by performing scans, analyzing results, and tracking remediation. Assist with internal and external security audits, assessments, and regulatory compliance efforts. Maintain and update security documentation, policies, and procedures. Evaluate third-party vendors for security risk and compliance requirements. Support identity and access management (IAM) processes, including provisioning/deprovisioning and periodic access reviews. Ensure proper enforcement of MFA, conditional access, and privileged account controls. Assist in developing security awareness content to educate employees on cybersecurity best practices. Contribute to ongoing improvement of security controls, monitoring, and reporting. Collaborate with IT, Operations, Compliance, and other teams to improve security posture. Participate in security-related projects including system hardening, tool deployment, and incident preparedness. Research and recommend new security tools, sta