Cyber-Security Risk Analyst

Information security analysts are responsible for improving the overall security posture of the organization. They evaluate, test and document security solutions and controls, and work closely with other security team members to remediate risk while ensuring the business can innovate.

Information security analysts must continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. Analysts in this role are expected to consistently learn and grow. This is not a passive role and requires a passion for security and rigor to protect the business.

Information security analysts collaborate with internal and external teams, along with technology management and business stakeholders.

Essential Job Duties

• Utilize and configure technical systems to monitor for unusual and suspicious activity across a wide range of products.
• Assist with security configuration standards for systems and business applications. 
• Serve as a member of the information security team to support change management processes. 
• Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met.
• Serve as an additional security team member, aiding in incident monitoring and incident response (IR) in partnership with the security operations center (SOC) teams.
• Maintain vendor management standards, questionnaires, and documentation to adhere to regulatory compliance.
• Interface with internal and external stakeholders for risk assessments.
• Recommend new security approaches and business process changes to support existing security controls; that do not negatively impact or severely impeded business innovation.
• Serve as a liaison for the security team regarding product team efforts.
• Perform other duties as assigned.

Skills and Experience

• At least 6-8 years of information security experience in incident response and system monitoring and analysis.
• Accustomed to working with Product and development teams as well. 
• Experience with compliance requirements (GLBA, PCI, HIPAA, SOX, etc.) is preferred.
• Ability to effectively communicate business risk as it relates to information security.
• Experience in conducting risk assessments that protect the business and adhere with compliance and privacy laws.
• Knowledge of multiple computing platforms, including Windows, OSX, Linux, Unix, networks, and endpoints and cloud platforms such as Azure, AWS, and Google Cloud.
• Experience with the application of threat intelligence, indicators of compromise (IOCs), and vulnerability Analysis 
• Experience working with MSSPs to support monitoring and response.

Additional Qualifications

• Possesses highly effective communications skills with the ability to influence business units. 
• Acts with integrity, takes pride in work, and seeks to excel, be curious and adaptable. 
• Displays an analytical and problem-solving mindset.
• Is highly organized and efficient.
• Leverages strategic and tactical thinking.
• Works calmly under pressure and with tight deadlines.
• Demonstrates effective decision-making skills.
• Is highly trustworthy and leads by example.
• Stays current with evolving threat landscape. 

Education Requirements

• Bachelor’s degree in computer science, information assurance, information systems/technology
• Will consider experience in lieu of a bachelor’s degree (4 years of demonstrated direct experience).

Certification Requirements

• Certification in Cybersecurity Analysis, Incident Response, or Risk Management desired.

PrismHR is a fast-paced SaaS company which provides customers with a cloud-based payroll process software application. PrismHR also provides professional services including system implementation consulting, custom configurations, and training. Lastly, via the Company’s Marketplace platform customers and end users access other human resources and employee benefits applications from PrismHR’s Marketplace Partners.

Diversity, Equity and Inclusion Program/Affirmative Action Plan:
We have transformed our company into an inclusive environment where individuals are valued for their talents and empowered to reach their fullest potential. At PrismHR, we strive to continually lead with our values and beliefs that enable our employees to develop their potential, bring their full self to work, and engage in a world of inclusion.

Ensuring an inclusive environment for our employees is an integral part of the PrismHR culture. We aren't just checking a box, we are truly committed to creating a workplace that celebrates the diversity of our employees and fosters a sense of belonging for everyone. This is essential to our success. We are dedicated to building a diverse, inclusive, and authentic workplace, so if you’re excited about our roles but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for these open roles or other open roles. We particularly encourage applicants from traditionally under-represented groups as we seek to increase the diversity of our workforce and provide fair opportunities for all.

As a proud Equal Opportunity and Affirmative Action Employer, PrismHR encourages talent from all backgrounds to join our team. Employment decisions are based on an individual’s qualifications as they relate to the job under consideration. The Company’s policy prohibits unlawful discrimination based on sex (which includes pregnancy, childbirth, breastfeeding, or related medical conditions, the actual sex of the individual, or the gender identity or gender expression), race, color, religion, including religious dress practices and religious grooming practices, sexual orientation, national origin, ancestry, citizenship, marital status, familial status, age, physical disability, mental disability, medical condition, genetic information, protected veteran or military status, or any other consideration made unlawful by federal, state or local laws, ordinances, or regulations.

The Company is committed to complying with all applicable laws providing equal employment opportunities. This commitment applies to all persons involved in the operations of the Company and prohibits unlawful discrimination by any employee of the Company, including supervisors and co-workers.

Privacy Policy: For information about how we collect and use your personal information, please see our privacy statement available at https://www.prismhr.com/about/privacy-policy.

PrismHR provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in job application procedures. If you have any difficulty using our online system and you need a reasonable accommodation due to a disability, you may use the following alternative email address to contact us about your interest in employment at PrismHR: taglobal@prismhr.com. Please indicate in the subject line of your email that you are requesting accommodation. Only candidates being considered for a position who require an accommodation will receive a follow-up response.

#LI-ML1