Security Analyst

* Conduct comprehensive network and system vulnerability assessments, track identified vulnerabilities throughout their lifecycle, and coordinate timely remediation and follow-up with responsible teams.* Ensure patch management processes are executed promptly in coordination with impacted stakeholders.* Manage and secure the Okta IdP environment, including configuration of policies for MFA, SSO, and Adaptive Authentication.* Oversee Identity Lifecycle Management (provisioning/deprovisioning) to ensure least-privilege access and prevent unauthorized access.* Implement and tune Identity Threat Protection mechanisms to block high-risk sign-in attempts automatically.* Track new vulnerability lifecycle from discovery to closure.* Implement, configure, tune, and manage security tools and solutions, including EDR platforms, firewalls, and IDS/IPS systems, to align with organizational needs and security standards.* Continuously review and update internal security policies, incident response procedures, and disaster recovery plans to reflect evolving threats and compliance requirements.* Conduct risk assessments of systems, services, and third-party tools, and collaborate with leadership to implement new security initiatives, frameworks, and compliance controls.* Monitor and maintain adherence to regulatory and industry-standard security frameworks through internal audits and control tests.* Evaluate and test disaster recovery and data backup plans to ensure operational effectiveness.* Conduct access review of high-risk applications.* Support penetration testing efforts and coordinate remediation of findings.* Run internal phishing simulations and support company-wide security awareness and training initiatives.* Partner with infrastructure, engineering, and compliance teams to implement secure solutions and ensure secure system design.* Provide guidance and support to team members during complex security challenges, and document operational procedures, tools, and incident handling processes to enable knowledge transfer and skills development.* Collaborate with IT and HR teams to automate and secure onboarding and offboarding workflows within Okta.* Communicate security risks, incidents, and prevention strategies effectively to technical and non-technical stakeholders, and serve as a point of contact for employee-reported security issues, escalating as appropriate.* Maintain an up-to-date inventory and documentation of critical security tools, systems, processes, and policies, ensuring they are operational, accurate, and accessible for cybersecurity and incident management purposes.* Ensure all security controls, procedures, and technologies are aligned with organizational policies and regulatory requirements.* 3+ years of experience in a cybersecurity or security analyst role.* Industry security certifications would be a plus: CompTIA Security+, CompTIA CySA+, ISC2 SSCP, CISSP, AWS Cloud Practitioner, AWS Solutions Architect.* Hands-on experience with incident response, including investigating and resolving cyber security breaches.* In-depth knowledge of cloud architecture and security, specifically with AWS and Azure.* Familiarity with cloud-native security monitoring tools e.g. GuardDuty, Security Hub, Azure Sentinel.* Proven experience administering and securing Okta environments (Workforce Identity, Universal Directory, MFA, Lifecycle Management).* Hands-on experience with Identity Protection strategies, including Conditional Access policies and detecting identity-based attacks.* Experience with endpoint security in Windows and Mac environments.* Demonstrated experience in vulnerability management, including patching and remediation efforts.* Proven track record of monitoring and managing security incidents, ensuring rapid response and compliance with security protocols.* Practical experience working with security frameworks such as OWASP, MITRE ATT&CK, NIST, SOC2, and ISO27001.* Expertise in using and managing cybersecurity tools like EDR, WAF, SIEM, Log Management, and Cloud Security Platforms.* Advanced understanding of computer networking protocols such as TCP/IP, OSI, DNS, SSL/TLS, HTTP/S, and SAML.* Proficiency in conducting security assessments, including vulnerability scanning, penetration testing and security risk analysis* Skilled in web application security testing, network intrusion detection, data protection and security monitoring tools.* Excellent communication skills, with the ability to explain complex technical concepts to non-technical stakeholders.* Highly organized, with the ability to handle competing priorities and deadlines in a fast-paced environment.* Strong critical thinking and problem-solving abilities, capable of identifying issues and proposing effective solutions under pressure.* Ability to collaborate effectively with both technical and non-technical teams, ensuring clear and actionable communication.* Competitive salary commensurate with the role* Competitive benefits package* Birthday day off* Vacation time for you to recharge* Enhanced Parental Leave* Learning and growth opportunities* Employee Resource Groups#J-18808-Ljbffr