Information Security Analyst IV

At TruStage, we’re on a mission to make a brighter financial future accessible to everyone.  We put people first, and work hand in hand with employees and customers to create a diverse and inclusive environment. Passionate about building insurance, investment and technology solutions, we push the boundaries of what’s possible. We need you to help us shape what’s next. You’ll be encouraged to share your experiences, ideas and skills to help others take control of their financial future.

Join a team that has received numerous awards for being a top place to work: TruStage awards and recognition

Job Summary

Under the guidance of Information Security management, the Information Security Analyst will primarily support the Incident Response process in a digital forensics capacity, while also contributing to the broader Threat Intelligence function within the Information Security team.  This hands-on role is responsible for conducting forensic investigations, handling escalations from the Information Security Incident Response Team, and supporting eDiscovery requests from Legal.  The analyst will apply sound forensic methodologies to collect, preserve, and analyze digital evidence, while also analyzing data from various cybersecurity tools and sources to identify and analyze emerging threats, assess vulnerabilities, and develop actionable insights.  The ideal candidate will have experience using tools such as Magnet Forensics Axiom Cyber, Splunk, Microsoft Defender, and the MITRE ATT&CK framework to detect, investigate, and respond to complex security incidents.  This role requires a strong analytical mindset, attention to detail, and the ability to work collaboratively across teams to enhance the organization’s security posture.  Excellent verbal and written communication skills are essential, as the analyst will be expected to clearly document findings, articulate technical concepts to non-technical stakeholders, and contribute to incident reports, threat briefings, and cross-functional discussions.

Job Responsibilities:
 

• Support Information Security Leadership regarding all aspects of the information security program, with minimal supervision. Responsibilities include facilitating the identification of risks throughout the organization, developing, reporting and monitoring formats on risk management issues and developing methodologies for the assessment of risks throughout the organization.
• Continuously monitor the internal and external landscape for relevant events, risks, and threats related to malicious code, vulnerabilities, and potential attacks.
• Coordinate and ensure cybersecurity related alerts and incidents are prioritized and responded to at all hours of the day.
• Remain current with emerging threats and share knowledge with colleagues to improve incident response processes.
• Participate in the creation and execution of tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders.
• Review reports from tabletop exercises, vulnerability scans and penetration testing to identify weaknesses or gaps in existing security controls and provide recommendations where appropriate.
• Lead coordination, consultation, and assessment efforts to track and remediate events and alerts, directs response to related incidents, internal or external audits, and / or control assessments.
• Identify, report, and assist in resolving privacy, compliance or security violations and control gaps.
• Lead feedback with other IT teams to protect data from compliance, privacy or security compromise.
• Contribute to the strategic direction of the Information Security team to develop new capabilities, process efficiencies and goals.
• Participate in the development, review, ongoing maintenance and development of security policies, standards, processes, procedures and requirements to facilitate the establishment of common administrative controls for the delivery of security capabilities.
• Security Awareness: Develop content for organization wide and targeted security awareness training. Present relevant information security topics through a variety of forums depending on the audience.
• The above statement of duties is not intended to be all inclusive and other duties will be assigned from time to time.

The above statement of duties is not intended to be all inclusive and other duties will be assigned from time to time.

Job Requirements:

• Bachelor's degree in computer science, information systems or related field, or equivalent combination of education and/or related professional work experience.
• 5 or more years of demonstrated proficiency with an information security audit, assessment, engineering or architecture focus or comparable, professional experience.
• Proven ability to clearly and effectively communicate business and technical information, both verbally and in writing.
• Aptitude for speaking or communicating to varied groups of business and technical professionals.
• Experience in presenting technical material to a nontechnical audience and to senior management.
• Established skills and experience in the development of security policies, standards or other governance practices.
• Demonstrated relationship management and consulting skills, including ability to effectively influence and negotiate.
• Proven ability to provide high quality customer service. 
• Financial Services industry experience strongly preferred.
• Prior experience in law enforcement preferred

#LI-SW

If you’re ready to help make a difference, apply today. Please provide your Work Experience and Education or attach a copy of your resume.  Applications received without this information may be removed from consideration.

Compensation may vary based on the job level, your geographic work location, position incentive plan and exemption status.

Base Salary Range:

At TruStageTM, we believe a sound, inclusive benefits program is of vital importance, along with a flexible workplace that allows for work-life balance, career growth and retirement assistance. In addition to your base pay, your position may be eligible for an annual incentive (bonus) plan.  Additional benefits available to eligible employees include medical, dental, vision, employee assistance program, life insurance, disability plans, parental leave, paid time off, 401k, and tuition reimbursement, just to name a few. Beyond pay and benefits, we also recognize that flexibility, including working in a place you prefer, is essential to caring for our employees.  We will continue to strive to offer flexibility and invest in technology and other tools that will make hybrid working normal rather than an exception, so that when “life happens,” you can focus on what’s most important.

Accommodation request

TruStage is a place where everyone can bring their best self and thrive. If you need application or interview process accommodations, please contact the accessibility department.