Search Services
Information Security Analyst and Engineer
Our Client is a leader in energy management and power trading, leveraging cutting-edge platforms to deliver secure and resilient operations. With a strong focus on protecting systems, data, and intellectual property, they are committed to building a world-class information security program that supports business growth while staying ahead of emerging cyber threats.
About the Role The Information Security Analyst and Engineer will play a key role in safeguarding mission-critical systems, ensuring compliance, and advancing the organization’s security maturity. This hybrid role blends hands‑on security engineering with proactive monitoring, incident response, and program improvement. The position will collaborate with consultants, managed service providers (MSPs), and internal stakeholders to realize a highly effective security strategy. Reporting directly to the Director of Information Security, the role also provides occasional support to the Infrastructure team with basic system administration and help desk duties.
Responsibilities
Develop and implement processes and technologies to enhance the security program and protect business platforms
Monitor security systems and analyze alerts, logs, and reports
Analyze vulnerability reports and track remediation across teams and systems
Provide metrics to evaluate security program effectiveness
Support security training and awareness programs, including phishing campaigns and in‑person sessions
Research emerging IT security trends, attack techniques, and defensive measures
Assist in designing secure architectures across applications and infrastructure
Support internal and external risk assessments, vendor reviews, and security audits
Analyze penetration test results and drive remediation
Contribute to security roadmaps and maturity assessments
Safeguard IT assets and intellectual property by recommending best practices and solutions
Participate in incident response planning, investigations, and compliance reviews
Enhance data loss prevention technologies and processes
Respond rapidly to incidents, conduct root cause analysis, and recommend mitigations
Support business continuity and disaster recovery planning and testing
Validate MSP‑delivered security solutions to ensure alignment with standards
Use automation to improve efficiency and effectiveness of security processes
Maintain and improve information security policies and ensure compliance
Qualifications
Bachelor’s degree in Computer Science, Information Security, or a related technical field
3–5 years of IT security experience, with hands‑on implementation and analysis
Proficiency with EDR or SIEM solutions for configuration and investigations
Competency with firewalls, email gateways, internet filters, and VPNs
Strong background in network security, protocols, and best practices
Understanding of operating system, network, and application security concepts
Familiarity with the NIST Cybersecurity Framework
Working knowledge of network and data center operations
Experience with hybrid, public cloud (Azure preferred), and SaaS environments
Strong analytical, troubleshooting, and problem‑solving skills
Excellent communication skills and attention to detail
Adaptability and eagerness to learn new technologies in a collaborative environment
Preferred Qualifications
Experience in the energy or financial services industries
Familiarity with regulatory compliance frameworks such as NERC CIP or SOX
Relevant certifications such as CISSP, CompTIA, or GIAC
Experience in Agile and DevSecOps environments
Scripting knowledge in PowerShell and/or Python
Seniority Level
Mid‑Senior level
Employment Type
Full‑time
Job Function
Information Technology
#J-18808-Ljbffr
About the Role The Information Security Analyst and Engineer will play a key role in safeguarding mission-critical systems, ensuring compliance, and advancing the organization’s security maturity. This hybrid role blends hands‑on security engineering with proactive monitoring, incident response, and program improvement. The position will collaborate with consultants, managed service providers (MSPs), and internal stakeholders to realize a highly effective security strategy. Reporting directly to the Director of Information Security, the role also provides occasional support to the Infrastructure team with basic system administration and help desk duties.
Responsibilities
Develop and implement processes and technologies to enhance the security program and protect business platforms
Monitor security systems and analyze alerts, logs, and reports
Analyze vulnerability reports and track remediation across teams and systems
Provide metrics to evaluate security program effectiveness
Support security training and awareness programs, including phishing campaigns and in‑person sessions
Research emerging IT security trends, attack techniques, and defensive measures
Assist in designing secure architectures across applications and infrastructure
Support internal and external risk assessments, vendor reviews, and security audits
Analyze penetration test results and drive remediation
Contribute to security roadmaps and maturity assessments
Safeguard IT assets and intellectual property by recommending best practices and solutions
Participate in incident response planning, investigations, and compliance reviews
Enhance data loss prevention technologies and processes
Respond rapidly to incidents, conduct root cause analysis, and recommend mitigations
Support business continuity and disaster recovery planning and testing
Validate MSP‑delivered security solutions to ensure alignment with standards
Use automation to improve efficiency and effectiveness of security processes
Maintain and improve information security policies and ensure compliance
Qualifications
Bachelor’s degree in Computer Science, Information Security, or a related technical field
3–5 years of IT security experience, with hands‑on implementation and analysis
Proficiency with EDR or SIEM solutions for configuration and investigations
Competency with firewalls, email gateways, internet filters, and VPNs
Strong background in network security, protocols, and best practices
Understanding of operating system, network, and application security concepts
Familiarity with the NIST Cybersecurity Framework
Working knowledge of network and data center operations
Experience with hybrid, public cloud (Azure preferred), and SaaS environments
Strong analytical, troubleshooting, and problem‑solving skills
Excellent communication skills and attention to detail
Adaptability and eagerness to learn new technologies in a collaborative environment
Preferred Qualifications
Experience in the energy or financial services industries
Familiarity with regulatory compliance frameworks such as NERC CIP or SOX
Relevant certifications such as CISSP, CompTIA, or GIAC
Experience in Agile and DevSecOps environments
Scripting knowledge in PowerShell and/or Python
Seniority Level
Mid‑Senior level
Employment Type
Full‑time
Job Function
Information Technology
#J-18808-Ljbffr