• Monitor, investigate, and respond to security alerts and incidents across systems, networks, and cloud environments.
• Perform regular vulnerability assessments, patch verification, and risk remediation tracking.
• Support security awareness programs and ensure employees adhere to company security policies, procedures and standards.
• Assist in managing endpoint security tools (EDR, DLP, MDM, etc.) and identity/access management systems.
• Collaborate with IT, DevOps, and engineering teams to implement secure configurations, code reviews, and cloud security best practices.
• Conduct periodic access reviews and support audit and compliance efforts (SOC 2, ISO 27001, etc.).
• Document incident response actions and recommend process improvements.
• Contribute to risk assessments and control testing for new vendors, applications, and systems.
• Stay current on emerging threats, vulnerabilities, and regulatory requirements impacting the business.
• Demonstrate a business-first mindset.
• 3–5 years of hands-on experience in cybersecurity, information security, or IT risk.
• Strong understanding of networking fundamentals, endpoint protection, and cloud security (AWS, Azure, or GCP).
• Familiarity with SIEM platforms, SAST, DAST, vulnerability management tools, and incident response processes.
• Familiarity and experience with common EDR platforms.
• Knowledge of security frameworks such as NIST CSF, ISO 27001, or CIS Controls.
• Excellent problem-solving and communication skills.
• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).
• Experience in fintech, financial services, or other regulated environments.
• Exposure to compliance standards such as NFA, FCA, SOC 2, or ISO 27001.
• Relevant certifications (e.g., CompTIA Security+, CySA+, CEH).
• Scripting or automation experience (Python, PowerShell) a plus.