Information Security Analyst

Job Description

The Information Security Analyst will have primary responsibility for developing, documenting, executing, and maturing various program initiatives within the Information Security portfolio:

• Threat and Vulnerability management
• Incident response
• Identity and Access management
• Disaster Recovery
• Business Continuity
• Awareness & Education

Additionally, the Information Security Analyst will:

• Assist and support the CISO in all program areas and stand in as proxy when needed
• Regularly communicate with internal and external stakeholders regarding all aspects of the infosec program
• Support the security and IT teams with various efforts, projects, and programs
• Help ensure overall compliance with governance and security models (e.g. NIST Cybersecurity framework controls, Interactions policies, standards, and procedures)
• Respond to requests for assistance from business units and other internal customers
• Help manage relationships with existing security vendors and identify opportunities for improved engagements
• Contribute to ongoing document lifecycle of Interactions policies, standards, and procedures
• Look for opportunities to further develop and mature security program initiatives
• Keep CISO apprised of activities, issues, commitments, etc.
• Summarize technical details into high-level requirements for presentation to CISO and other management

• Bachelor’s degree in Computer Security or related discipline preferred
• Strong understanding of information security concepts, frameworks, and best practices
• Strong understanding of vulnerability management techniques, tools, and assessment frameworks (i.e. CVSS, EPSS, KEV). Familiarity with Rapid7 InsightVM strongly preferred.
• Ability to take initiative and work both independently and as part of a team.
• Proven ability to communicate effectively with all levels of an organization
• Ability to build consensus and influence key internal stakeholders
• Comfortable working in a fast-paced and evolving environment
• Excellent project management skills
• 3+ years of related experience preferred
• Certification, or pursuit of certification in cybersecurity
• Experience with security controls for operating systems, applications, and networks.
• Experience with MITRE/CVE and similar vulnerability reporting frameworks
• Familiarity with the business impact of security tools, technologies and policies
• Solid knowledge of operating systems, networks, TCP/IP, and related concepts
• Working knowledge of the following concepts and/or tools:
  • Threat and Vulnerability management
  • Cybersecurity frameworks (e.g., NIST CSF, CIS 18, ISO27001)
  • Risk Management
  • Disaster recovery and Business continuity
  • Network security tools and appliances
  • Identity and access management, single sign-on, and related tools
  • IDS/IPS, EDR, SIEM, and related tools
  • Common web application security vulnerabilities
  • CMMI or similar maturity models

Why Work at Interactions?

We've created a culture of people who are dedicated to helping each other and the company succeed. We take time to celebrate wins and recognize accomplishments. Whether it’s a seasonal event or friendly competition, we’re always thinking of new ways to have fun.

Our team's health and well-being is important to us. In addition to a full suite of benefits, we offer 5 weeks of time off with pay, 401k matching, paid parental leave and flexible work schedules. We are all committed to the company’s success by being valued shareowners and are incentivized through individual performance and company results. Come join us!

Interactions is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, marital status, age, disability or protected veteran status, or any other characteristic protected by law.