Information Security Analyst

About Atlas Technica

Atlas Technica shoulders IT management, user support, and cybersecurity for hedge funds and other investment firms. Founded in 2016, we have consistently grown through an uncompromising focus on service. We value ownership, execution, growth, intelligence, and camaraderie, seeking individuals who share these core values and contribute to a customer-first environment. We offer a competitive salary, comprehensive benefits, and great perks, fostering a professional yet friendly atmosphere that promotes professional and career development for our team members.

The Opportunity: Information Security Analyst

We are seeking a skilled Information Security Analyst to join our rapidly growing organization. This is a highly technical role offering excellent career development opportunities. You will collaborate closely with the Chief Information Security Officer (CISO) and various teams to enhance the security posture of Atlas Technica and its clients. As a new position, this role provides significant opportunities for evolution and growth.

Key Responsibilities

• Vulnerability Management: Review vulnerability reports, research scalable remediation solutions, and collaborate with Support/NOC to ensure minimal client impact. Automate remediations with CS/Engineering and track progress in ticketing systems. Address third-party vulnerability management for clients and apply remedies across the client base.
• Risk Management and Due Diligence: Provide accurate and timely responses to Due Diligence Questionnaires (DDQs). Analyze findings from risk assessments and penetration tests, recommending and addressing remediation strategies. Participate in Business Impact Analyses and tabletop exercises to improve organizational resilience.
• Industry Benchmark Alignment and Standards Updating: Measure and improve alignment with Microsoft benchmarks in Intune. Address vulnerabilities and harden systems across workstation builds, cloud infrastructure, and security configurations.
• SOC 2 Maintenance and Additional Security Tasks: Perform test restores, review KnowBe4 phishing tests and training, and monitor SIEM logs. Assist in addressing cybersecurity incidents and work with NOC and outsourced SOC on remediation runbooks. Perform other security-related tasks as assigned.

Required Skills and Experience

• Strong understanding of cybersecurity principles and practices.
• Experience with vulnerability management and remediation.
• Familiarity with Microsoft Intune and security benchmarks.
• Excellent analytical and problem-solving skills.
• Ability to work collaboratively with cross-functional teams.
• Strong communication skills, both written and verbal.
• Strong ability to work independently.
• Experience with security tools (SIEM, IDS/IPS, vulnerability scanners).
• Experience with RMM/SOAR and other automation platforms.
• Experience scripting.
• Experience writing runbooks.

Desirable Qualities

• Experience working in an MSP environment (preferred, but not required).
• Relevant certifications (AZ-500, SC-900, SC-300, CompTIA Security+, etc.).

Key skills/competency

• Cybersecurity Principles
• Vulnerability Management
• Risk Assessment
• Security Benchmarks
• Microsoft Intune
• SIEM
• Scripting
• Automation Platforms
• Incident Response
• Communication Skills