Description:
Our SaaS-based, cloud-first company is seeking a proactive Cyber Security Analyst.
As a Cyber Security Analyst at our company, you are a vital member of the Information Security team. You will help secure our multi-tenant cloud applications and infrastructure, particularly AWS and Salesforce, collaborating with development, IT, and operations teams to identify risks, investigate incidents, and strengthen our cloud-native security posture.
Job Description:
-
Contribute to the development and maintenance of information security policies, procedures, and baseline standards; drive adoption across functional teams.
-
Perform project- and solution-based risk assessments for new technologies and third-party vendors to identify security and privacy risks.
-
Implement, monitor, and maintain security controls in AWS (IAM, Security Hub, GuardDuty, Config) and Salesforce (Shield, profiles, permission sets, SSO, Event Monitoring).
-
Review and triage security alerts from cloud SIEM, CSPM, IDS/IPS, EDR, and AWS-native monitoring tools; correlate logs and event data to detect anomalies.
-
Respond to and coordinate security and compliance assessment requests from clients and governmental agencies; track remediation through resolution.
-
Assist with containment, eradication, and recovery activities during incidents; document timelines, root-cause analyses, and lessons learned.
-
Perform and coordinate ongoing security reviews and assessments (penetration tests, red-team exercises, process maturity reviews) to validate control effectiveness.
-
Identify vulnerabilities through threat feeds and vulnerability scans; coordinate timely remediation with stakeholders.
-
Assist in measuring and tracking security and compliance metrics and KPIs; support security program enhancements and tool implementations.
-
Develop and refine security awareness training materials; support ISO 27001 compliance activities and liaise with external auditors.
-
Any other duties assigned by the Manager.
Job Type:
-
Schedule: Full-time (40 hours per week, Monday through Friday)
-
This is a hybrid role, 4 days in the office, 1 day remote. Candidates must reside within commutable distance to one of our Chicago offices.
Benefits:
-
Health, Dental, Vision, Life, 401K, Vacation, Sick-Time, Holidays, etc.
Requirements:
Must Have:
-
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
-
2+ years of experience in two or more domains of information security, risk & compliance (GRC), or IT audit.
-
Hands-on experience securing AWS environments and administering Salesforce security features (Shield, Event Monitoring, SSO).
-
Proficiency with cloud SIEM, CSPM, CWPP, and EDR tools.
-
Familiarity with vulnerability scanning (e.g., Qualys, Tenable.io) and cloud event logs.
-
Basic scripting or automation skills (Python, PowerShell, Bash).
-
Excellent verbal and written communication skills and stakeholder management experience.
-
Experience with GRC platforms (e.g., Vanta, Drata, OneTrust).
Need to be:
-
Self-starter with ability to handle complex tasks independently and meet deadlines.
-
Detail-oriented and highly organized.
-
Logical and determined problem solver.
-
Strong collaborator who can build positive working relationships across teams.
-
Creative thinker who approaches challenges with tenacity.