Information Security Analyst

Job Summary

Managing security operations and compliance efforts, the full-time Information Security Analyst will monitor alerts, manage vulnerabilities, and support incident response activities while working remotely from Maryland.

Key responsibilities

• Monitor and triage alerts across the SIEM platform, managing the vulnerability lifecycle and conducting threat hunting activities
• Support SOC 2 Type II compliance efforts, including evidence collection and control testing, while maintaining security policies and conducting risk assessments
• Collaborate with IT and Engineering teams to embed security best practices and prepare reporting on security metrics and compliance posture

Required qualifications

• 3-5 years of experience in an information security role with exposure to technical operations and compliance functions
• Hands-on experience with SIEM platforms such as Splunk or Microsoft Sentinel
• Working knowledge of vulnerability management tools like Tenable Nessus/IO or Qualys
• Understanding of SOC 2 Trust Service Criteria and the NIST Cybersecurity Framework
• Familiarity with common attack techniques and defensive countermeasures, with MITRE ATT&CK knowledge being a plus