Information Security Analyst

Job Summary:

The Information Security Analyst plays a critical role in strengthening Midco's security defenses by proactively identifying vulnerabilities and implementing impactful solutions. They lead key initiatives that protect sensitive data and ensure our compliance with industry-leading standards. Collaborating closely with cross-functional teams, you’ll help drive a culture of security awareness and prevention, staying ahead of emerging threats. They contribute to continuous monitoring and rapid response efforts, safeguarding our company’s most valuable assets in an ever-evolving cyber landscape.

 

Responsibilities:

• Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security.
• Conduct vulnerability assessments and monitor systems, network, databases and Web for potential system breaches.
• Respond to alerts from information security tools. Report, investigate and resolve security incidents.
• Educate and communicate security requirements and procedures to all users and new employees.
• Recommend and implement changes to enhance systems security and prevent unauthorized access.
• Research security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach.
• Ensure compliance with regulations and privacy laws. May oversee internal or external systems security.
• (i.e. cloud services).
• Inventory, document, and evaluate the security status of network attached devices and identify opportunities to improve internal network segmentation.
• Participate in the evaluation of system and application changes to ensure company security policies and practices are followed.
• Assist with planning and implementing security measures to protect computer systems, networks and data.
• Proactively assesses potential items of risk and seek opportunities for mitigating threats.
• Works under moderate supervision with some latitude for independent judgment.
• Provide weekly, monthly and annual reports as necessary.
• Attend meetings to learn about business practices, and internal processes and procedures.
• Be willing to work on special projects as assigned.
• Model Midco's mission, vision, values, ethos, and Leadership Success Drivers, and inspire others to do the same.
• Ensure customer privacy by adhering to Midco's privacy guidelines while actively following Midco policies and procedures.
• Maintain reliable and predictable attendance as required by the position.
• Perform other duties as assigned.

Note: Management reserves the right to assign or reassign functions and responsibilities to this job description at any time.

 

Required Qualifications:

• Associate degree in Cybersecurity, IT, Computer Science, or equivalent experience/training.
• Minimum 3 years of cybersecurity experience or IT security experience.
• Knowledge and familiarity with network, computer, and application security best practices.
• Preferred technical knowledge or experience with: UNIX/Linux, MS Windows, Active Directory, Digital
• Certificates, SSL, VPN, IPSec, TCP/IP, DNS, web security architectures, Nessus.
• Requires solid foundational skills with continued growth toward advanced proficiency within the security discipline.
• Possession of at least 1 industry recognized security certification (e.g. CISSP, GSEC, etc.).

Preferred Qualifications:

• Technical knowledge or experience with: UNIX/Linux, MS Windows, Active Directory, Digital.
• Proficient in Microsoft Outlook and Word required and experience with Excel and PowerPoint.

Work Environment:

• May occasionally be required to reach with hands and arms, stoop, kneel, or crouch.
• Heavy keyboard/mouse usage required with repetitive movements.  
• Must remain at your desk or workstation for long periods of time.  
• The noise level in the work environment is moderate.
• May be required to work in excess of 40 hours per week and other than normal business hours, such as holidays, evenings and weekends as business demands.

Physical Demands:

• Primarily involves sitting for extended periods while working on a computer, attending meetings, or reviewing reports.
• Frequent use of hands and fingers for typing, writing, and operating standard office equipment (keyboard, mouse, phone, etc.).
• Ability to read detailed information on screens, dashboards, and printed materials; may require prolonged screen time.

Mental Demands:

• Ability to analyze complex security incidents and develop effective mitigation strategies under pressure.
• Requires strong attention to detail and critical thinking to identify potential vulnerabilities and threats.
• Must manage multiple tasks simultaneously while prioritizing urgent security issues.