hero

Explore thousands of opportunities across Tech:NYC’s member network.

691
companies
4,636
Jobs

Senior Information Security Analyst, Managed Services

SecurityScorecard

SecurityScorecard

IT
India · Remote
Posted on Thursday, May 30, 2024

About SecurityScorecard:

SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by world-class investors, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital footprint.

Headquartered in New York City, our culture has been recognized by Inc Magazine as a "Best Workplace,” by Crain’s NY as a "Best Places to Work in NYC," and as one of the 10 hottest SaaS startups in New York for two years in a row. Most recently, SecurityScorecard was named to Fast Company’s annual list of the World’s Most Innovative Companies for 2023 and to the Achievers 50 Most Engaged Workplaces in 2023 award recognizing “forward-thinking employers for their unwavering commitment to employee engagement.” SecurityScorecard is proud to be funded by world-class investors including Silver Lake Waterman, Moody’s, Sequoia Capital, GV and Riverwood Capital.

About the Team

If you are an experienced cybersecurity practitioner who is excited by solving our Customer’s complex challenges and improving their cybersecurity resilience through innovative solutions - this role might be for you! At SecurityScorecard, our Professional Services team puts our Customers first and operates as a #oneScorecard Team. We seek to drive excellence, both in ourselves and others, and we fully leverage the SecurityScorecard platform in what we do.

About the Role

SecurityScorecard’s Senior Information Security Analyst is a key role within our Managed Services practice of our broader Professional Services Team This position will provide technical analysis of high volume information to detect, identify and respond to cyber threats on our Customer’s behalf. You will work within our custom tools and our SecurityScorecard platform to operationalize our Customer’s third- and fourth- party vendor risk management programs. You will apply a security practitioners mindset to vendor management problems to ensure our Customers are protected and informed across their vendor ecosystem. As a senior team member, you will work across internal functions within our broader Professional Services team as well as SecurityScorecard, including Intel and Product, to ultimately drive positive business outcomes for our Customers.

What You’ll Do:

  • Responsible for daily analysis and monitoring of security and third party vendor risk management
  • Document security investigations in a clear and consistent manner, often based on incident tickets created by EDR or SIEM tools
  • Monitor SIEM, EDR, and our own security tools for detection and identification of security events for Customers and their Vendors
  • Identify likely threat vectors for security incidents and perform root cause analysis
  • Perform threat hunting to identify potential security threats, as well as vulnerability and threat intelligence research for specific attacks
  • Develop new use cases for security alerts and playbooks, and conduct training on alerts
  • Tune endpoint and network security tools as needed, understand their configuration and setting options
  • Review threat intelligence reports and communicate TTPs (techniques, tactics and procedures) to Customers
  • Become an expert in the SecurityScorecard platform, utilizing the product to import, monitor and respond to risks in a Customer’s vendor ecosystem
  • Provide feedback, design or create scripts/tools to automate repetitive tasks observed in daily operations
  • Contribute to the managed services team by consulting with others on information security topics, conducting training, and documenting recommendations and exceptional deliverables to raise overall awareness on good cyber hygiene.

What We need you to have:

  • At least 5+ years of professional information security consulting experience
  • 6-10 years of general experience in a technology discipline
  • Knowledge of various security methodologies, solutions and current trends.
  • Knowledge of at least one of the major information security management systems such as NIST CSF, NIST SP800-53 or ISO27000.
  • Hands-on experience in at least one technical cybersecurity domain such as penetration testing, incident response, cloud analytics, threat intelligence, security training, or security management.
  • Excellent English written and verbal communication skills.
  • Ability to lead an informed discussion and bring clients to understand information security risks and needs.
  • Strong influencing skills that promote productivity
  • At least one certification in the following list: CEH, GSLC, GCPM, GSTRT, GCCC, GSNA, CISSP, CISM, CISA or CRISC is desired.

Benefits:

Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more!

SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law.

We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact talentacquisitionoperations@securityscorecard.io.

Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law.

SecurityScorecard does not accept unsolicited resumes from employment agencies. Please note that we do not provide immigration sponsorship for this position.