Job Description

Job Description Summary

The InfoSec Analyst/Engineer serves as the primary point of contact for assessing and managing risk across workforce devices, networks, enterprise applications, and cloud infrastructure — including modern technologies such as serverless architectures and APIs.

Principal Responsibilities and Duties

• Monitor various enterprise security tools for vulnerabilities, threats and risks.
• Escalate and manage cyber security and endpoint risk.
• Collaborate with technology teams to integrate security into development processes
• Audit and enhance security measures for existing and new applications
• Creating or delivering training for security awareness
• Support SOX audits, PCI-DSS assessments, vulnerability evaluations, and penetration testing
• Deliver regular security status updates to leadership

Essential Skills/Qualifications

• At least 5 years of experience providing guidance and oversight of security concepts.
• At least 5 years of experience performing security risk assessments and security architecture reviews.
• At least 5 years of experience with architecture, software design, networking or cloud infrastructure.
• Strong familiarity with penetration testing, vulnerability management, OWASP Top 10, thread modeling, offensive or defensive security techniques.
• Familiarity with security frameworks such as NIST CSF, ISO/IEC 27001, or CIS Controls.
• Proven experience with incident response processes, playbooks, and post-incident reviews.
• Experience working with SIEM/ROAR tools.
• Proficiency in scripting (Python, Bash, etc.) for automation of security tasks and integration into CI/CD pipelines.
• Proven experience in securing a public cloud environment, AWS preferred.
• Retail ecommerce experiences a BIG PLUS.
• Experience in a regulated environment such as Sarbanes Oxley (SOX).
• BS in Computer Science, Cyber Security, Engineering or Information System, or equivalent work experience.

Other Important Factors

Think like a hacker - Ability to adopt an offensive security mindset to identify and mitigate potential attack vectors.

Must be a self-starter

Extremely methodical

Job Tags

Similar Jobs