Security Analysts

We are seeking a detail-oriented and highly organized Security Analyst with a strong focus on the documentation of security findings. This role requires the ability to analyze security incidents, document findings comprehensively, and provide clear, actionable reports to both technical and non-technical stakeholders. The ideal candidate will have a keen eye for detail, excellent writing skills, and a solid understanding of cybersecurity principles.

• Incident Documentation: Review security incidents and vulnerabilities, documenting all findings clearly and accurately. Ensure that findings are categorized, prioritized, and assigned appropriate severity levels.
• Security Reporting: Prepare detailed reports on security issues, including root cause analysis, impact assessments, and recommended remediation actions. Reports should be tailored to different stakeholders, from technical teams to executive leadership.
• Tracking and Follow-up: Maintain a clear and organized system for tracking open findings, vulnerabilities, and remediation efforts. Follow up regularly to ensure issues are being addressed in a timely manner.
• Collaboration with Teams: Work closely with Security Operations, Threat Intelligence, and IT teams to gather relevant data, understand technical details, and ensure comprehensive documentation of findings.
• Continuous Improvement: Assist in refining documentation processes, templates, and reporting standards to improve efficiency and clarity.
• Knowledge Sharing: Contribute to the development of internal security knowledge base, documenting lessons learned, common vulnerabilities, and best practices for future reference.
• Compliance Support: Ensure that all documentation complies with internal policies and external regulatory requirements (e.g., GDPR, HIPAA, PCI DSS).
• Security Tools Utilization: Use security tools and platforms (such as SIEM, ticketing systems, vulnerability management tools) to document and track findings.

• Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent work experience).
• Experience: 2+ years of experience in cybersecurity, with a focus on incident documentation, analysis, or reporting.
• Technical Knowledge: Familiarity with common security threats, vulnerabilities, and security frameworks (e.g., OWASP, NIST).
• Strong Writing Skills: Exceptional written communication skills with the ability to document complex technical issues clearly for both technical and non-technical audiences.
• Attention to Detail: Ability to review and document security findings meticulously, ensuring accuracy and clarity.
• Familiarity with Security Tools: Experience with security tools like SIEM (Security Information and Event Management), vulnerability scanners, ticketing systems (Jira, ServiceNow, etc.), and similar platforms.
• Analytical Thinking: Ability to analyze complex security incidents and break them down into understandable documentation, identifying root causes and trends.
• Problem-Solving: Proactive in identifying gaps in documentation processes and recommending solutions to enhance clarity, consistency, and effectiveness.

• Certifications: Certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or similar are a plus.
• Knowledge of Regulatory Standards: Familiarity with industry regulations and compliance standards such as GDPR, HIPAA, PCI DSS, and ISO/IEC 27001.
• Security Operations Knowledge: Exposure to Security Operations Center (SOC) environments or incident response teams.
• Experience with Threat Intelligence: Understanding of threat intelligence concepts and how to document emerging threats and vulnerabilities.