Information Security Analyst implementing risk management in a global enterprise. Collaborating across teams to enhance security and compliance operations in a fast - paced environment.
About the role
- Senior IT Security Engineer at Foley, evolving enterprise security program for SaaS offerings and compliance standards. Collaborating with teams to ensure system, data, and user protection.
Responsibilities
- Design, implement, and manage comprehensive security solutions including SIEM, DLP, EDR, DNS filtering, and encryption across cloud and on-prem environments.
- Administer firewalls, VPNs, and network security infrastructure with a focus on segmentation, least privilege, and Zero Trust principles.
- Lead vulnerability management efforts, including scanning, prioritization, patching, and remediation workflows.
- Oversee and optimize endpoint detection and response (EDR) tools such as Rapid7 and AWS GuardDuty.
- Manage identity and access management (IAM) systems, including SSO, Multi-Factor Authentication (MFA), Microsoft Entra ID (Azure AD), and Active Directory Group Policy.
- Conduct privileged account and user access reviews.
- Partner with IT and DevOps to embed security in CI/CD pipelines and automate controls where possible.
- Contribute to incident response efforts, from detection to root cause analysis and remediation.
- Leverage existing platforms and tools to develop and improve detection, response and containment workflows.
- Respond to real-time monitoring and alert triage for anomalies across SaaS and infrastructure platforms.
- Conduct post-incident reviews and implement proactive controls to prevent recurrence.
- Contribute to disaster recovery and business continuity planning and exercises.
- Serve as the technical lead for the security team, mentoring junior engineers and driving cross-functional security initiatives.
- Partner with Infrastructure, Engineering, and Compliance to integrate security into all stages of system design and delivery.
- Represent Foley in discussions with auditors, vendors, and internal stakeholders on all matters related to cybersecurity and compliance.
- Advocate for security awareness and education across the organization.
- Manage vendor security reviews using ticketing and vendor management solutions.
- Evaluate new tools, vendors, and partners through a security-by-design lens.
- Collaborate with the Compliance department in support of both internal and external audit efforts, including SOC 2 engagements and PCI-DSS internal audits.
Requirements
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
- CISSP, SSCP, or equivalent certifications (completed or in progress).
- 5+ years of experience in IT security engineering, with strong exposure to cloud and hybrid environments.
- Proven experience with:
- Microsoft Entra ID (Azure AD), Active Directory, and Group Policy Management
- Single Sign-On (SSO) and Identity Federation (SAML, OIDC, OAuth 2.0)
- AWS security architecture, IAM roles, and network security groups
- Endpoint and network security tools, EDR, SIEM, SOAR, and vulnerability scanner
- Familiarity with cloud access security solutions is a plus.
- Familiarity with containerization or serverless workload solutions, such as Kubernetes, is a plus.
Benefits
- medical, dental, and vision coverage
- 401(k) with company match
- paid time off and holidays
- wellness programs
- employee assistance program
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Nuclear Security Consultant leading protective security projects at Frazer - Nash. Delivering security solutions against nuclear threats while collaborating with clients and internal teams.
Security Officer responsible for protecting, securing, and promoting safety at Memorial Hermann Hospital. Monitoring designated areas and responding to security emergencies, adhering to all policies and procedures.
Client Support Advisor delivering face - to - face service to clients in Scottish Borders. Helping them understand and access benefits with tailored one - to - one support.
Staff Security Architect defining and implementing secure architectures at Yum! Brands supporting global EMEA initiatives.
DevSecOps engineer ensuring security practices in software development lifecycle at Ford. Collaborating with teams and implementing secure coding practices.
Senior IT Security Engineer protecting IT Security platforms for one of the largest e - commerce sites in the U.S. Designing and managing security solutions to ensure network safety.
Cybersecurity Engineer supporting a critical U.S. Navy program enhancing national security and operational readiness. Designing and implementing secure system architectures for Navy combat systems and environments.
CyberSecurity Team Lead overseeing vulnerability management and security integration for Mistral's AI solutions. Collaborating with teams to enhance security posture and protect infrastructure.
Information Security Awareness Associate developing engaging security awareness content for employees at RS Group. Supporting awareness campaigns and coordinating security communications.