Analyst, Information Security

Your Impact on our Mission

As an Information Security Analyst, you'll play a key role in day-to-day security operations at Zocdoc. You'll support the Detection & Response team by triaging alerts, monitoring logs, reviewing endpoint activity, and helping us stay on top of potential risks across our systems and users. Your work will be critical to keeping our environments secure, compliant, and resilient.

This is a junior-level individual contributor role, ideal for someone early in their security career who wants exposure to real-world threats, enterprise tooling, and a wide variety of processes. You'll report to the Manager of Information Security and collaborate closely with senior engineers, infrastructure, and compliance stakeholders. Whether you're based in NYC or working remotely, you'll join a mission-driven team dedicated to making healthcare more simple, transparent, and accessible.

You'll enjoy this role if you are…

• Curious and eager to learn more about cybersecurity and how real-world incidents unfold.
• Motivated by solving problems, digging into alerts, and connecting dots in noisy data.
• Excited to work with tools like SIEMs, End Point Protection, and DLP systems, even if you haven't used them all yet.
• Someone who takes initiative, asks good questions, and follows through with attention to detail.
• Comfortable communicating findings to teammates and cross-functional partners

Your day to day is…

• Triaging alerts from our SIEM and EDR platforms to determine severity and next steps.
• Monitoring system, application, and audit logs for suspicious activity or violations of policy.
• Participating in our threat hunting program by researching anomalies or unusual patterns.
• Supporting our DLP (Data Loss Prevention) program by reviewing flagged events and escalating as needed.
• Running scheduled user activity risk reviews and investigating findings with guidance.
• Responding to security-related questions from across the company and providing helpful, informed guidance.
• Assisting with maintenance and tuning of security tooling, including SIEM, Endpoint Protection and DLP.
• Documenting procedures, playbooks, and investigation notes to improve team knowledge.

You'll be successful in this role if you have…

• A foundational understanding of cybersecurity principles, log analysis, and threat detection.
• Exposure to security tools such as SIEMs (e.g., Rapid7, Splunk), EDR (e.g., Crowdstrike), or log management platforms.
• Experience working in or with cloud environments (AWS preferred), even if only at a basic level.
• Familiarity with operating systems like Windows, MacOS, or Linux from a system admin or support perspective.
• Strong organizational and communication skills-you can clearly describe what you're seeing and why it matters.
• A growth mindset and desire to learn from senior engineers and security peers.
• Typically 1-3 years of relevant experience in security, IT, systems administration, or audit/log analysis.
• Comfort working in a remote or hybrid team environment

Benefits

• Flexible, hybrid work environment at our convenient Soho location
• Unlimited Vacation
• 100% paid employee health benefit options (including medical, dental, and vision)
• Commuter Benefits
• 401(k) with employer funded match
• Corporate wellness programs with Headspace and Peloton
• Sabbatical leave (for employees with 5+ years of service)
• Competitive paid parental leave and fertility/family planning reimbursement
• Cell phone reimbursement
• Catered lunch everyday along with beverages and snacks
• Employee Resource Groups and ZocClubs to promote shared community and belonging
• Great Place to Work Certified