Information Security Analyst at ISH. Ensuring cybersecurity through incident management and user support while working in a dynamic team.
About the role
- Security Analyst focusing on brand protection against online fraud and phishing attacks. Investigating threats, pursuing takedowns, and supporting sales evaluations in a hybrid work environment.
Responsibilities
- Review and assess emerging phishing, impersonation, and online fraud threats targeting Bolster’s prospects.
- Identify and pursue takedowns for malicious content across web, social media platforms, and mobile application stores, including impersonation accounts, fraudulent applications, and related abuse.
- Perform targeted threat hunting to identify malicious domains, credential harvesting sites, fake login portals, and related attacker infrastructure across multiple modules.
- Use OSINT tools and investigative techniques (WHOIS, DNS records, certificate transparency, search-based discovery, and infrastructure pivoting) to enrich findings and uncover related malicious activity.
- Analyze suspicious websites, hosting infrastructure, DNS records, redirects, and related artifacts to detect attack patterns and emerging abuse trends.
- Pursue takedown actions during active proof-of-concept (POC) evaluations and track each case through successful remediation.
- Coordinate with registrars, hosting providers, and relevant abuse contacts to drive timely enforcement actions.
- Monitor previously reported malicious infrastructure to confirm suspension and identify re-registration, reactivation, or attacker evasion attempts.
- Support the Sales team with technical validation and threat intelligence during active POCs and evaluations.
- Generate periodic and ad-hoc reports highlighting threat activity, detection insights, and remediation outcomes.
Requirements
- 2+ years of experience in trust & safety or brand protection, with a focus on Pre-Sales.
- Well versed with phishing, impersonation, credential harvesting, and online fraud activity, including investigative and reporting workflows.
- Experience supporting technical evaluations, proof-of-concepts (POCs), or internal presales efforts is strongly preferred.
- Understanding of internet infrastructure, including domains, DNS, hosting providers, redirects, and attacker infrastructure.
- Knowledge of security and fraud detection principles and common attacker tactics, techniques, and procedures.
- Self-motivated and detail-oriented with the ability to work independently as well as collaboratively.
- Strong analytical and investigative mindset, including problem-solving and hypothesis-driven investigation.
- Strong written and verbal communication skills with the ability to clearly document findings and summarize technical information internally.
- Security certifications (Security+, GSEC, or similar) are a plus.
- Willingness and openness to assist with time-sensitive investigations aligned with active presales evaluations or critical incidents.
Benefits
- Excellent medical, dental, and vision insurance
- Flexible time off + paid holidays.
- Equity + 401(k) plan
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Cybersecurity Analyst at Localiza&Co, responsible for securing information systems and data integrity through various cybersecurity measures. Engage in planning and implementing security protocols for cloud integrations.
Information Security Analyst handling security incidents and leading technical initiatives within a retail company. Involves reporting, tool management, and policy development.
Lead Cybersecurity Analyst specializing in Cloud Security for FIS. Assessing security posture of cloud environments and providing actionable remediation strategies.
Network Security Analyst II securing information systems and networks against security threats at Cayuse. Responsible for vulnerability assessments, incident response, and security measures implementation.
Threat Hunting Analyst supporting Sales/Pre - Sales teams demonstrating threat detection capabilities at Bolster. Conducting investigations, analyzing phishing infrastructure, and building customer trust.
Senior Network Security Analyst responsible for network security and infrastructure management at Minsait. Collaborating on innovative projects while ensuring compliance and performance optimization.
Junior Cybersecurity Analyst supporting operational technology security and vulnerability management efforts in a hybrid work environment at Minsait.
Senior Access Management Analyst ensuring information security and integrity at Banco ABC Brasil. Managing user access and implementing security policies in the organization.
Senior Security Analyst at Asta focused on security engineering and operational resilience in a hybrid role. Collaborating with various teams to enhance security protocols and manage incidents.