Security Operations Analyst

Summary

Join Capital Markets Gateway LLC (CMG) as a Security Operations Analyst and play a pivotal role in protecting our technology stack, data, and users. Work closely with Security, IT, and Engineering teams to ensure the security, resilience, and compliance of our cloud-first, distributed environment. This remote position demands high autonomy, initiative, and the ability to drive improvements across security operations and IT security. Monitor, triage, and respond to security alerts and incidents. Conduct root cause analysis, document incidents, and assist with post-incident reviews. Administer and enhance endpoint security for macOS and Windows, supporting company-owned devices. Support security and compliance controls in Azure AD, Office 365, and key SaaS platforms.

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or related field—or equivalent work experience
• 3+ years in security operations, IT security, or similar roles (fintech/regulated industry experience preferred)
• Strong proficiency in macOS and Windows 11 operating systems
• Hands-on experience with MDM/endpoint management tools (e.g., Intune)
• Working knowledge of BYOD security, scripting/automation, and cloud (Azure, O365) administration
• Familiarity with SaaS security, DLP, CASB, and vulnerability management tools
• Understanding of security frameworks (NIST CSF, ISO 27001) and regulatory requirements
• Strong analytical, investigative, and problem-solving skills
• Excellent written and verbal communication; ability to work independently and collaboratively

Responsibilities

• Monitor, triage, and respond to security alerts and incidents across endpoints, cloud, and SaaS environments
• Conduct root cause analysis, document incidents, and assist with post-incident reviews
• Develop and maintain incident response playbooks; participate in tabletop exercises
• Administer and enhance endpoint security for macOS and Windows, supporting company-owned devices
• Develop and manage endpoint hardening baselines, configurations, and compliance reporting
• Support automation and scripting efforts (e.g., PowerShell, Bash, Python) to improve monitoring and response
• Support security and compliance controls in Azure AD, Office 365, and key SaaS platforms
• Implement and monitor access controls, DLP policies, and secure configurations for cloud and SaaS solutions
• Collaborate with IT and Engineering on secure deployment and integration of new applications
• Participate in third-party and vendor risk reviews; contribute to risk assessments and audits
• Support the development and maintenance of security policies, procedures, and runbooks
• Track vulnerabilities (OWASP, CVSS), prioritize remediation with risk-based approaches, and maintain an up-to-date inventory of assets
• Engage proactively with peers and stakeholders across security, engineering, and business teams
• Deliver clear, actionable communication on risks, incidents, and security posture—tailored to both technical and non-technical audiences

Preferred Qualifications

• Experience with scripting (PowerShell, Bash, Python)
• Experience with SIEM (Microsoft Sentinel)
• Certifications: CompTIA Security+, Microsoft Certified: Security Operations Analyst Associate, or similar
• Exposure to security governance, risk management, and vendor risk processes
• Knowledge of security operations in a distributed, remote-first environment

Benefits

• 2 year+ contract
• 15 business days of vacation
• Tech courses and conferences
• Top-of-the-line MacBook
• Fully remote working environment
• Flexible working hours