As Cyber Security Analyst for the industry-leading employee wellbeing and engagement platform, you will lead the team responsible for ongoing prevention, detection and response to cyber threats across all of the company’s systems.
Reporting to the Associate Director, InfoSec, your core responsibilities will include working with our InfoSec, CyberSecOps, CyberSecEng, Fraud Prevention, and Corporate Systems teams to ensure technical security controls are deployed and performing optimally.
Key responsibilities will include implementing and maintaining effective logging and monitoring tools, and ensuring the security of data and systems by preventing, identifying and remediating weaknesses and vulnerabilities across our technical infrastructure, applications and platforms.
Assist a team of CyberSecOps Engineers and Cyber Security Analysts
Participate in and lead internal and external audit efforts such as PCI, SOC2, ISO-27001, HITRUST.
Monitor AWS and Azure security dashboards (GuardDuty, Security Hub, VPC Flow Logs, Sentinel, etc.).
Continuously assess endpoint security control coverage, escalating gaps to appropriate teams for corrective action where required.
Create and manage security metric dashboards for use within the team and provide management reporting.
Lead event analysis for network and system alerts in addition to anomalous platform activity, supporting internal and customer facing teams with accurate and timely log review and follow up.
Coordinate ongoing web application scanning and PCI compliance requirements.
Participate in Red / Blue Team and CSIRT exercises, involving stakeholders across the business.
Regularly audit public IP space and DNS records including cloud hosting resources.
Manage cyber reputation tools to ensure findings are reviewed and resolved efficiently.
Deliver weekly reporting on core security metrics to applicable stakeholders.
Support business teams to interpret governance requirements into technical controls.
Manage relationships with security vendors and consultants.
Guide complex problems from identification to resolution, providing subject expertise to colleagues across the business.
Investigate, recommend and install security enhancements and operating procedures to enhance security posture and optimize workflows.
Ensure the confidentiality, integrity and availability of information being processed, stored, accessed or transmitted within systems and networks.
Support the planning and execution of business continuity and disaster recovery tests.
Serve as lead and escalation point for security events.
Coordinate with stakeholders across the business for mitigations pertaining to ongoing security threats to the organization as needed.