InfoSec Analyst/Engineer

Job Description Summary The InfoSec Analyst/Engineer serves as the primary point of contact for assessing and managing risk across workforce devices, networks, enterprise applications, and cloud infrastructure "” including modern technologies such as serverless architectures and APIs.Principal Responsibilities and DutiesMonitor various enterprise security tools for vulnerabilities, threats and risks.Escalate and manage cyber security and endpoint risk.Collaborate with technology teams to integrate security into development processesAudit and enhance security measures for existing and new applicationsCreating or delivering training for security awarenessSupport SOX audits, PCI-DSS assessments, vulnerability evaluations, and penetration testingDeliver regular security status updates to leadershipEssential Skills/QualificationsAt least 5 years of experience providing guidance and oversight of security concepts.At least 5 years of experience performing security risk assessments and security architecture reviews.At least 5 years of experience with architecture, software design, networking or cloud infrastructure.Strong familiarity with penetration testing, vulnerability management, OWASP Top 10, thread modeling, offensive or defensive security techniques.Familiarity with security frameworks such as NIST CSF, ISO/IEC 27001, or CIS Controls.Proven experience with incident response processes, playbooks, and post-incident reviews.Experience working with SIEM/ROAR tools.Proficiency in scripting (Python, Bash, etc.) for automation of security tasks and integration into CI/CD pipelines.Proven experience in securing a public cloud environment, AWS preferred.Retail ecommerce experiences a BIG PLUS.Experience in a regulated environment such as Sarbanes Oxley (SOX).BS in Computer Science, Cyber Security, Engineering or Information System, or equivalent work experience.Other Important Factors Think like a hacker - Ability to adopt an offensive security mindset to identify and mitigate potential attack vectors.Must be a self-starterExtremely methodical

Created: 2025-10-02