Open Jobs

Senior Information Security Analyst

Location: San Francisco, CA
Salary: $130k - $150k DOE + Bonus and Benefits


  • Daily management of operational information security in a 24×7 live production environment.
  • Assist in providing support for the design, deployment and use of security related reporting tools and management systems.
  • Assist with information security risk assessments and reports to identify, assess, measure, and monitor information security risks.
  • Liaise with internal employees throughout the organization (Engineering, HR, Management and Support) and external costumers as necessary, on information security matters such as emerging security risks and control technologies.
  • Enforce and adapt information security policies, standards, procedures and guidelines, in partnerships with the business.
  • Supporting the incident response, investigation and architecture review processes.
  • Assist, support and maintain the vulnerability management process.
  • Assist with handling the security questionnaire process.
  • Assist with infrastructure framework, perimeter and internal security improvement projects.
  • Independently or as part of a team, analyze business, technical and functional requirements and develop work tasks and complex project plans to meet project objectives.
  • Successfully lead small to midsize projects utilizing external resources and service providers.
  • Effectively communicate with business and IT leadership to insure project success.
  • Define and implement processes and technical solutions to enhance automated monitoring and management.
  • Support the development and deployment of information security processes.
  • Participate in on-call and off-hours support activities which are typical for the role and industry.
  • Support the development, documentation and delivery of training and user guidance to ensure consistent and effective implementation of information security objectives.
  • Receives functional guidance directly from Information Security Manager and supplemental guidance from other team members on general business objectives.
  • Will be self-directing and act as project leader on small to large projects; nurture effective working relationships; will coordinate with internal and external resources in performing the duties of this position.
  • Assist with ISO 27001 and NIST certifications – domestic and international.
  • Assist with Client Due Diligence as requested.

 Essential Skills

  • Knowledge of information security industry standards and frameworks (e.g. PCI DSS, NIST, ISO 27001) desirable.
  • Knowledge of operational security areas preferred.
  • Deep understanding of process and information technology related controls.
  • Familiarity with industry standard tools and applications including Nessus, Palo Alto, Kaspersky, Varonis, etc.
  • Excellent oral and written communication skills.
  • Excellent analytical, research, and problem solving skills with a keen attention to detail.
  • Strong project management, communication and organizational skills.
  • Ability to work on multiple projects, with strong ability to adapt to dynamic work environment and to prioritize tasks accordingly.
  • Proficiency in Microsoft Office suite, including PowerPoint, Excel, Visio, Word.


  • Bachelor’s Degree in Business, Computer Science or equivalent experience, or equivalent Military background in relevant disciplines required.
  • Minimum of 2 years Information Security experience or equivalent experience in Information Risk Management.
  • CISSP, CISM, CRISC, CISA, or similar industry certification(s) preferred.
  • Must possess a solid understanding of Information Technology, Information Security, and Risk Management.
  • Self-motivated, able to work independently and as part of a team.
  • Experience with technical and policy writing.
  • Strong experience with internet and network security products and platforms, including intrusion detection/prevention, incident response and investigation, vulnerability management, data loss prevention and penetration testing.
  • Experience in risk assessment methodology is required.
  • Experience with Change Management Processes.
  • Policy development and implementation experience.
  • Experience in policy and compliance auditing is preferred.