Information Security Analyst-Hybrid

McGohan Brabender

Position: Information Security Analyst

About Us:

McGohan Brabender is renowned for recruiting top-tier talent within the employee benefits industry. As one of the nation's largest employee-owned (ESOP) benefit firms, we are true entrepreneurial disruptors in the field. Our team embodies agility, serving as advisors, financial strategists, and innovative problem solvers.

Our culture is infectious, grounded in our unwavering commitment to fostering a diverse and inclusive workplace where every individual is accorded the utmost dignity and respect. At the core of all our values, whether in life or business, lies our dedication to people. We wholeheartedly encourage everyone to bring their authentic selves to work every single day.

About the Role:

As an Information Security Analyst at McGohan Brabender, you will play an integral role in safeguarding our organization’s data, systems, and networks from cyber threats. The ideal candidate will be a proactive and detail-oriented individual, focused on collaboration with other IT and non-IT resources to create the best solutions for the organization.

Key Responsibilities:

•  Monitor network traffic, system logs, and security alerts for suspicious activity.

•  Analyze security incidents to assess impact and identify root causes.

•  Respond to security breaches, implement corrective actions, and mitigate threats.

•  Coordinate with IT to resolve vulnerabilities and recover affected systems.

•  Perform vulnerability assessments and risk analyses to identify security risks.

•  Recommend measures to mitigate identified risks.

•  Ensure security protocols align with industry regulations and best practices.

•  Conduct regular security audits for compliance with regulatory requirements.

•  Assist in designing, implementing, and managing security measures.

•  Collaborate with IT teams to deploy updates, patches, and configurations.

•  Provide security awareness training and develop best practice guidelines.

•  Collaborate with various departments to align security strategies with organizational goals.

•  Communicate security findings and recommendations to senior management.

•  Stay current with cyber threats and participate in continuous learning.

Qualifications:

• Knowledge of common information security management frameworks.


• Experience implementing SOC2.


• Understanding & experience implementing security protocols in a Microsoft client and server systems.


• Security & configuration knowledge of O365, Azure, Exchange, Active Directory and related tools.


• Experience with computer network penetration testing and techniques required.


• Experience with proactive network, systems monitoring and threat management.


• Three or more years of related experience.

Preferred Qualifications:

• Previously worked in a HIPAA environment.


• Scripting language knowledge.


• Process Automation experience (automating security related functions, scans, reports, etc.)


• Linux knowledge.


• Security certifications: CISSP, CISA, Security+ or similar.