E logo

Sr Information Security Analyst

Expert In Recruitment SolutionsJersey City, NJ

Automate your job search with Sonara.

Submit 10x as many applications with less effort than one manual application.1

Reclaim your time by letting our AI handle the grunt work of job searching.

We continuously scan millions of openings to find your top matches.

pay-wall

Overview

Remote
On-site

Job Description

Required• 5+ years of relevant information security experience (or 3+ years in IT systems administration with 2+ years of security responsibilities)• Cloud security experience with GCP or Azure and strong knowledge of cloud security frameworks• Expertise in incident response, system monitoring/analysis, and risk assessments aligned with compliance and privacy laws• Hands-on experience with email security platforms such as Proofpoint (threat protection, phishing detection, and email filtering)• Experience implementing and managing Microsoft Purview DLP, including policy creation, data classification, and incident response for sensitive data protection• Experience with compliance requirements: HITRUST, PCI, NIST, HIPAA, SOC2• Experience across multiple platforms: Windows, Linux/Unix, macOS; networks and endpoints• Experience with vulnerability assessments and penetration testing engagements• Experience with change management and project management• Excellent technical writing and presentation skills; able to translate technical risk into clear business impactPreferred
  • CCSP preferred; other certs: AZ 500, AWS Security Specialty, GCP Professional Cloud Security Engineer.
  • Experience securing Azure, AWS, GCP in enterprise/hybrid environments.
  • Familiarity with NIST CSF, ISO 27001, CIS Benchmarks, MITRE Telecommunication&CK.
  • Automation, scripting experience a plus.
Responsibilities:Cloud & Enterprise Security (SME)
  • Serve as SME on security fundamentals, techniques, and technologies across Azure, AWS, GCP, and on prem environments.
  • Guide cloud security architecture: IAM, encryption/key management, network controls, data protection, workload hardening.
  • Implement process improvements aligned to security frameworks (NIST CSF/800 53, ISO 27001) and business needs; optimize technology to improve customer experience.
Security Operations & Incident Response
  • Implement and monitor controls for unusual and suspicious activity across endpoints, networks, and cloud platforms.
  • Perform advanced monitoring, data/log analysis, threat hunting, and forensic investigations; contribute to SOC/IR workflows.
  • Plan, contribute to, and participate in incident plan exercises and tabletop scenarios.
Governance, Risk & Compliance (GRC)
  • Draft or revise local policies, standards, guidelines, and procedures to supplement enterprise frameworks; identify and remediate gaps based upon NIST standards.
  • Interface with internal/external auditors and examiners; maintain vendor management standards, questionnaires, and regulatory documentation (HITRUST, PCI, NIST, HIPAA, SOC2).
  • Review contracts and provide security guidance; support project scoping, costing, and cost–benefit analyses.
Stakeholder Engagement & Communication
  • Act as a liaison for the security team; clearly communicate business risk as it relates to information security.
  • Create technical documentation (reports, white papers, technical notes, implementation/configuration guides).
  • Use visual aids to convey complex topics to large, diverse audiences; communicate clearly in high pressure, high visibility situations.
Continuous Improvement
  • Recommend new security solutions and improvements that do not impede innovation.
  • Stay current with the evolving threat landscape; consistently learn and grow to remain a step ahead of attackers.
Technical ExpertiseCloud Security (Azure, AWS, GCP)
  • GCP: IAM, Security Command Center, Cloud Audit Logs, VPC Service Controls, CMEK/KMS, Cloud Armor, Workload Identity; container security (GKE).
  • Azure: Defender for Cloud, Microsoft Sentinel, Entra ID (Azure AD), Conditional Access, Key Vault, NSGs/Azure Firewall, storage encryption, Defender for Endpoint integration.
  • AWS: IAM roles/policies, Security Hub, GuardDuty, KMS, CloudTrail/CloudWatch, VPC security controls, AWS WAF, Secrets Manager. (experience with AWS is not required)
Additional Technologies
  • Operating Systems: Linux, Windows Server, Windows Desktop; hardening, patching, CIS Benchmarks.
  • Forensics & eDiscovery: Symantec, Purview, Proofpoint; email/file discovery; incident response.
  • Network & Perimeter: Palo Alto firewalls, URL filtering, DNS blackhole/geo filtering, WildFire; F5 AWAF.
  • SIEM & Logging: MS Sentinel, MDE, Elastic; Endpoint management/log forwarding. Microsoft Data Lake, CRIBL
  • Vulnerability & AppSec: Qualys, NexusIQ; OWASP aligned testing and remediation.
  • Endpoint: Microsoft Defender, Microsoft ATP/Defender for Endpoint.
  • Identity & MFA: Okta, Microsoft (Entra ID MFA).
  • Core Services: DNS zone management; network micro segmentation; zero trust aligned controls.
  • Secure Productivity: Securing Microsoft 365 (Exchange Online, SharePoint/OneDrive, Teams, Purview).

Automate your job search with Sonara.

Submit 10x as many applications with less effort than one manual application.

pay-wall

FAQs About Sr Information Security Analyst Jobs at Expert In Recruitment Solutions

What is the work location for this position at Expert In Recruitment Solutions?
This job at Expert In Recruitment Solutions is located in Jersey City, NJ, according to the details provided by the employer. Some roles may also include multiple work locations depending on the requirement.
What pay range can candidates expect for this role at Expert In Recruitment Solutions?
Employer has not shared pay details for this role.
What employment applies to this position at Expert In Recruitment Solutions?
The employer has not provided this information. This may be discussed during the hiring process.
What is the process to apply for this position at Expert In Recruitment Solutions?
You can apply for this role at Expert In Recruitment Solutions either through Sonara's automated application system, which helps you submit applications 10X faster with minimal effort, or by applying manually using the direct link on the job page.