Security Analyst II

Summary

Join BambooHR as a Security Analyst II and play a vital role in enhancing our organization's security posture. You will own cloud security incident response, monitor security alerts, conduct vulnerability assessments, and investigate security breaches. Responsibilities include developing security policies, collaborating with IT teams, delivering security awareness training, and leveraging AI technologies. This remote position requires a Bachelor's degree or equivalent experience, 3-5 years in information security, and strong understanding of security principles and tools. Excellent problem-solving and communication skills are essential. We offer a great company culture, comprehensive benefits, generous leave policies, and a 401k plan.

Requirements

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent work experience
• 3-5 years of experience in information security or a related field
• Strong understanding of security principles, techniques, and technologies
• Experience with security tools such as SIEM, IDS/IPS, firewalls, and antivirus software
• Proficiency in identifying problems and developing effective solutions
• Experience with AI tools to tackle cloud security challenges
• Proficiency with AWS and cloud security best practices
• Familiarity with regulatory requirements and industry standards such as ISO 27001, NIST, GDPR, and PCI-DSS
• Excellent problem-solving skills and attention to detail
• Strong communication skills, both written and verbal

Responsibilities

• Own cloud security incident response, ensuring rapid and effective handling of security incidents in cloud environments
• Monitor and analyze security alerts from various sources, including intrusion detection systems, firewalls, and other security tools
• Conduct vulnerability assessments and penetration testing to identify potential security weaknesses
• Investigate security incidents and breaches, perform root cause analysis, and implement corrective actions
• Develop and maintain security policies, procedures, and guidelines in accordance with industry best practices and regulatory requirements
• Collaborate with IT and development teams to ensure secure design and implementation of systems and applications
• Assist in the development and delivery of security awareness training for employees
• Stay up-to-date with the latest security trends, threats, and technologies to proactively address potential risks
• Participate in security audits and assessments, both internal and external
• Provide guidance and support to junior security analysts and other IT staff
• Prepare and present reports on security incidents, vulnerabilities, and overall security posture to management
• Leverage AI and machine learning technologies to enhance threat detection, automate routine security tasks, and improve incident response times

Preferred Qualifications

• Relevant certifications such as CISSP, CISM, GSEC, CEH, or CompTIA Security+ are preferred
• You can patiently help others who are having difficult technical problems that may take a significant amount of time
• You love technology and see it as a hobby on top of a career
• You are an AWS Cloud Practitioner

Benefits

• Comprehensive health, life, and disability insurance
• Generous leave policies that include 4 weeks of vacation, 12 company holidays, parental leave, and volunteer time off so you can enjoy quality of life
• 401k plans with up to 6% company match
• $2000 Paid-Paid Vacation bonus
• EAP through Headspace