Information Security Analyst

The Information Security Analyst is responsible for understanding the critical cyber threats to Insureon’s Information Systems and providing appropriate surveillance for them. The Information Security Analyst will lead development and implementation of security policies and procedures; leverage Network Monitoring, Logging and Security Incident Event Management (SIEM) systems to produce alerts, audit data and reporting that detect suspicious activity; and analyze the threat data to help the Information Security team determine what response is appropriate. This position will also participate in Incident Responses, performing forensics analysis to help determine the root cause and recommend corrective measures. We’re looking for a self-starter with strong technical skills in the field.

Position Responsibilities

  • Understand and stay current with the critical threats to our IT infrastructure and SaaS applications by continually analyzing cyber threat intelligence sources and techniques utilized by cybercriminals
  • Promote a proactive approach to addressing the changing threat landscape by recommending and implementing architectural improvements to security infrastructure
  • Provide Incident Response leadership, triage, discovery, technical resolution, and inter-team communication during any security events
  • Evaluate security threats, assess the potential impact to the business, and implement strategies to detect and generate alerts on security incidents
  • Determine what data traffic should be logged and/or monitored to correlate and quickly assess security events
  • Apply business intelligence to analyze data from logs and monitoring to produce meaningful alerts and reports for potential security incidents
  • Analyze collected data to determine whether there are any security anomalies that require further action and, if so, classify and document the incident and escalate significant security incidents
  • Must provide situational awareness during significant security incidents through clear and concise communication to appropriate personnel
  • Work collaboratively with IT and Software Development to continually improve our security posture
  • Perform forensics analysis when necessary
  • Provide input on emerging threats to executives to update our corporate risk analysis
  • Evaluate and recommend new security technologies, processes and methodologies
  • Ability to fully understand the current and emerging cyber threats to our business and, after assessing the risks, help design, implement and maintain innovative solutions and processes that protect us from these threats
  • Must be detail-oriented and possess strong research and analytical skills to be able to discern significant patterns related to cyber threats
  • Ability to work collaboratively across the entire organization
  • Must be self-driven, organized, ethical, creative, resourceful and passionate about security, with a positive attitude
  • Well versed in security issues affecting financial service organizations as well as widespread data center operations, such as cloud and mobile technology solutions

Experience Requirements

  • Bachelor’s Degree in InfoSec, Computer Science, or a related discipline
  • Minimum 5 years of IT experience involving firewalls, patch management, vulnerability scanning, packet sniffers, intrusion prevention, and SIEM
  • Must include experience writing rules for WAFs and SIEMs and developing effective monitoring and alerting for suspicious activity
  • Experience collecting data from multiple sources and consolidating results into analytic models, alerts, and reports
  • Experience meeting corporate security policies and regulatory requirements
  • Strongly prefer a relevant security certification such as:
      • Certified Information Systems Security Professional (CISSP)
      • Systems Security Certified Practitioner (SSCP)
      • Certified Information Security Manager (CISM)
      • GIAC Security Expert (GSE)
      • GIAC Systems and Network Auditor (GSNA)
      • Computer Security Incident Handler (CSIH)
      • GIAC Certified Incident Handler (GCIH)
      • GIAC Certified Forensic Analyst (GCFA)
      • Certified Ethical Hacker (CEH)

