Information Security Analyst

Information Security Analyst at Atlas Technica

Atlas Technica is seeking a skilled Information Security Analyst to join its rapidly growing organization. This highly technical, remote role offers excellent career development opportunities and involves working closely with the Chief Information Security Officer (CISO) and various teams to maintain and improve the security posture of Atlas and its clients, primarily hedge funds and investment firms. As a new position, this role will evolve, providing significant opportunities for growth and adaptation.

About Atlas Technica

Atlas Technica shoulders IT management, user support, and cybersecurity for hedge funds and other investment firms. Founded in 2016, the company has achieved consistent year-over-year growth through an uncompromising focus on service. Atlas Technica values ownership, execution, growth, intelligence, and camaraderie, fostering a professional yet friendly environment that promotes professional and career development for its global team members. The company offers a competitive salary, comprehensive benefits, and great perks.

Responsibilities

Vulnerability Management

• Review vulnerability reports and research scalable solutions for remediation.
• Collaborate with Support/NOC to ensure remediations have minimal client impact and facilitate maintenance windows.
• Work with CS/Engineering to script and automate remediation processes.
• Track progress in ticketing systems, including master tickets for multi-client initiatives and sub tickets for individual clients.
• Address vulnerabilities for clients' third-party vulnerability management, including overlap with Cavelo, and apply remedies to other clients.

Risk Management And Due Diligence

• Provide accurate and timely responses to Due Diligence Questionnaires (DDQs).
• Review and analyze findings from risk assessments and penetration tests for Atlas and its clients.
• Address identified vulnerabilities and recommend effective remediation strategies.
• Participate in Business Impact Analyses and tabletop exercises to enhance organizational resilience.

Industry Benchmark Alignment And Standards Updating

• Measure alignment with Microsoft benchmarks in Intune and work to increase the security score.
• Address vulnerabilities and issues identified in workstation builds, cloud infrastructure configurations, and security configurations.
• Harden systems to enhance overall security across workstations, cloud infrastructure, and security configurations.

SOC 2 Maintenance And Additional Security Tasks

• Perform test restores to ensure data integrity and recovery capabilities.
• Conduct reviews of KnowBe4 phishing tests and training programs.
• Review SIEM logs for security events and anomalies.
• Assist in addressing cybersecurity incidents efficiently.
• Work with NOC and outsourced SOC on remediation runbooks.
• Perform additional tasks as assigned to support the security team and organization's goals.

Requirements

• Strong understanding of cybersecurity principles and practices.
• Experience with vulnerability management and remediation.
• Familiarity with Microsoft Intune and security benchmarks.
• Excellent analytical and problem-solving skills.
• Ability to work collaboratively with cross-functional teams.
• Strong communication skills, both written and verbal.
• Strong ability to work independently.
• Experience with security tools (SIEM, IDS/IPS, vulnerability scanners).
• Experience with RMM/SOAR and other automation platforms.
• Experience scripting.
• Experience writing runbooks.

Desirable Qualities

• Experience working in an MSP environment (preferred, but not required).
• Relevant certifications (AZ-500, SC-900, SC-300, CompTIA Security+, etc.).

Key skills/competency

• Vulnerability Management
• Risk Assessment
• Cybersecurity Principles
• Microsoft Intune
• SIEM
• Scripting
• Automation
• Incident Response
• SOC 2 Compliance
• Communication Skills