Job Description

About the Role

Our client is looking for a sharp and proactive Information Security Analyst to join their IT team. In this role, you’ll be at the forefront of protecting the organization’s networks, servers, workstations, and endpoints against evolving cyber threats and vulnerabilities. You’ll also play an integral role in ensuring compliance with New York State Department of Financial Services (NYDFS) Cybersecurity Regulation 23 NYCRR 500—a critical framework for regulated financial entities. If you thrive in a fast-paced security environment and enjoy both the analytical and collaborative sides of cybersecurity, this is an excellent opportunity to grow your career with a respected organization.

What You’ll Do

• Monitor networks, servers, workstations, and endpoints for anomalous or suspicious activity
• Configure and manage security toolsets to generate meaningful alerts and reduce noise
• Conduct security assessments, penetration tests, and threat simulations to evaluate organizational risk
• Develop, maintain, and enforce documented security policies and procedures
• Coordinate with internal teams and external partners on audits, assessments, and remediation activities
• Lead and support security awareness efforts including phishing simulations, social engineering tests, and vishing exercises
• Respond to security incidents, threats, and vulnerabilities—triaging, investigating, and documenting findings
• Prepare clear, standardized reports detailing threats, risks, and recommended mitigation steps
• Document security monitoring and incident response procedures; cross-train staff to build organizational resilience
• Assist with company-wide system upgrades and ad-hoc security support requests

Security Tools & Technologies

You’ll leverage a robust security stack, including:

• SIEM (Security Information and Event Management) platforms
• Carbon Black Detect and Protect (EDR)
• Anti-malware and endpoint protection solutions
• Firewall policy management and rule configuration
• Microsoft Intune compliance and device management policies
• Operating system hardening tools and best practices

Qualifications

• Bachelor’s degree in Information Systems, Cybersecurity, Computer Science, or a related field—or 8+ years of equivalent hands-on experience
• Solid understanding of network protocols, operating systems, and virtualization hypervisors
• Familiarity with cybersecurity frameworks and standards including NIST, ISO 27001, and CIS Controls
• Proven ability to analyze complex data sets to identify anomalies and potential threats
• Experience with NYDFS Cybersecurity Regulation 500 or similar regulatory compliance frameworks is a strong plus
• Security certifications such as CISSP, GIAC (GSEC, GCIH, etc.), or CEH are desirable but not required
• Ability to translate business requirements into practical, technical security solutions
• Demonstrated ability to quickly learn and adapt to new technologies and threat landscapes
• Excellent written and verbal communication skills; comfortable presenting findings to technical and non-technical audiences
• Strong organizational skills with the ability to manage multiple priorities and meet deadlines

Why Join Our Client?

Our client is a well-established, regulated organization with a mature IT environment and a genuine commitment to information security. You’ll have the opportunity to shape security practices, work alongside a collaborative IT team, and build expertise in a compliance-driven industry. This is an ideal role for a security professional who wants ownership, variety, and the chance to make a meaningful difference.

• HYBRID schedule (2 days onsite/3 days remote after ~90 day onboarding period)
• Pension Plan !
• Generous Profit Sharing
• 401K with match

• 4 weeks PTO to start
• 5 days Sick time
• 10 Holidays
• Newly renovated work space including sit/stand desks