About the Role

We are seeking an experienced Information Security Analyst II to join our cybersecurity team. In this advanced mid-level role, youll take ownership of complex security investigations, threat analysis, and incident response across a dynamic enterprise environment. With at least 7 years of experience, you will bring both technical expertise and sound judgment to help drive our security operations forward.

Youll work closely with security engineers, IT teams, and business stakeholders to ensure our systems and data remain secure, compliant, and resilient against ever-evolving cyber threats.

Key Responsibilities

• Monitor, analyze, and respond to security events and incidents using SIEM, EDR, and other tools
• Lead complex investigations, coordinate containment, and support recovery efforts
• Perform vulnerability assessments and ensure timely remediation with stakeholders
• Refine and expand security monitoring rules, alerts, and detection logic
• Maintain and enhance incident response playbooks and documentation
• Support compliance with frameworks such as NIST, ISO 27001, PCI-DSS, or HIPAA
• Collaborate with internal teams to implement and enforce security controls and best practices
• Stay current on emerging threats, attack techniques, and cybersecurity trends

Required Qualifications

• 7+ years of experience in cybersecurity or IT security operations
• Strong experience in incident response, threat analysis, and vulnerability management
• Proficiency with SIEM platforms (e.g., Splunk, Sentinel, QRadar) and EDR solutions
• In-depth understanding of network protocols, firewalls, and intrusion detection/prevention systems
• Familiarity with MITRE ATT&CK, threat intelligence platforms, and security automation
• Strong communication and problem-solving skills; ability to lead cross-functional incident investigations
• Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience)

Preferred Qualifications (Nice to Have)

• Industry certifications such as CISSP, GCIH, CySA+, CISM, or CEH
• Hands-on experience with cloud security (AWS, Azure, or GCP)
• Experience with scripting or automation (Python, PowerShell, etc.)
• Familiarity with secure configuration baselines and hardening standards (CIS, NIST, etc.)