Security Analyst
Description:
Job Title: Security Analyst
Location: Boston, MA (Hybrid)
Department: Infrastructure/Security
Job Type: Full Time
Reports To: Information Security Lead
About the Role
We are seeking a detail-oriented and proactive Security Analyst to join our growing security team. This role is critical in protecting our organization’s systems and data from cyber threats. The ideal candidate will have a strong technical background, keen analytical skills, and a passion for staying ahead of evolving security risks.
Key Responsibilities
Monitor networks, systems, and applications for security threats and vulnerabilities.
Investigate security incidents, perform root cause analysis, and develop remediation plans.
Respond to alerts generated by security tools (SIEM, IDS/IPS, antivirus, etc.).
Perform architectural review of new system design/software
Conduct regular vulnerability assessments and penetration testing.
Audit systems and applications to ensure security standards are being met and maintained.
Collaborate with IT and engineering teams to implement security best practices.
Assist in maintaining and updating security policies, procedures, and documentation.
Support compliance initiatives (e.g., NIST, PCI-DSS)
Stay informed of the latest security trends, tools, and technologies.
Requirements
Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent work experience).
2–4 years of experience in an information security or SOC role.
Experience with endpoint protection tools, firewalls, IDS/IPS, and vulnerability scanners.
Solid understanding of TCP/IP, common network protocols, and operating system internals.
Excellent problem-solving, analytical, and communication skills.
Preferred Qualifications
Security certifications such as Security+, CEH, GSEC, or CISSP.
Experience in cloud security (AWS, Azure, or GCP).
Scripting or automation skills (Python, Bash, PowerShell).
Experience with the following security platforms:
Palo Alto
Microsoft Defender Suite
Zscaler ZPA/ZIA
Vulnerability Management Software (Rapid7 or similar)
Experience with industry standards and compliance (e.g. NIST, PCI-DSS)