The IT Security Analyst’s role is to analyze the organization’s security infrastructure according to best practices while ensuring high data quality and availability levels. This individual will develop, implement, and oversee policies and procedures to provide a secure environment consistent with industry-standard cybersecurity certifications and regulatory compliance.

The IT Security Analyst ensures continuous infrastructure reliability for The Channel Company’s remote workers and devices, including Cloud environments (AWS and Azure), SaaS services (O365, NetSuite, Marketo, Adobe Workfront, Salesforce), Microsoft 365 tools (Azure Active Directory, EndPoint Manager, Azure Information Protection), and IT management tools (Sophos Intercept MTR, Mimecast, ManageEngine). In addition, the analyst will develop security operations and incident management processes to protect and restore service operations as quickly as possible and minimize customer impact. Ideal candidates have strong experience with security event remediation and incident response.

The Channel Company values differences because they enhance dynamic teams. We know that the confidence gap can get in the way of connecting with the best candidates. Please do not hesitate to apply – we would be honored to connect with you.

• Full-time, remote
• This role must be located in the United S, and will work EST hours.
• Sporadic weekends or off-hours may be required when implementing changes or responding to high-priority issues
• Minimal travel, but likely to occur for specific projects and company events

Key Responsibilities

• In coordination with the IT team and Managed Service Providers, harden systems and ensure systems are up to date
• Perform internal cybersecurity audits and facilitate external audits
• Work with 3rd party vendors to run vulnerability scans and penetration tests and assist in developing remediation processes based on the findings
• Analyze and apply applicable information from intelligence reports
• Investigate security breaches and other Information Security incidents
• Document and classify security events and incidents. Act as the first responder to triage and remediate events
• Conduct cybersecurity reviews before applications, systems, or integrations go live
• Contribute to the design and participate in disaster recovery and business continuity plans
• Develop, train, and communicate Information Security policies and procedures
• Review information security awareness training and track completion and effectiveness for all team members
• Perform interactive exercises to measure the effectiveness of our systems and training
• Create and update well written systems and security documentation suitable as evidence for compliance activities
• Manage security related projects and coordinate activities with managed service providers and internal stakeholders

Qualifications

• 4 years of Information Security analysis experience or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 3 years experience in an active IT Security role is preferred
• Bachelor’s degree in Cybersecurity, Computer Information Science, Computer Science, or another related field
• Familiarity with computer security models such as Zero Trust architecture, Attribute-based access control, Role-based access control, and Multilevel Security.
• Comfortable in an environment that has a global and remote workforce, is based entirely around SaaS applications and IaaS, and understands the unique security challenges this presents compared to a traditional hosted or data center model with employees working from company offices

Technical Skills

• 3 years of IAM (Identity and Access Management) and MDM (Mobile Device Management) experience, particularly with Azure Active Directory and Intune
• Skilled with Microsoft security and compliance solutions within the Purview, Defender, and Entra platforms
• Familiarity with MDR and SIEM platforms such as ArcticWolf and Splunk
• Familiarity with CASB/Zero Trust platforms such as zScaler or Netskope
• Strong understanding of Azure Active Directory Conditional Access , MFA, and SSO
• Experience with system hardening
• Experience with penetration testing and vulnerability scanning
• Experience with threat hunting and log and event analysis toolsets
• Experience with investigation protocols and discovery techniques
• Good understanding of email security gateways such as Proofpoint or Mimecast as well as SPF, DKIM, and DMARC
• Experience with security and governance frameworks such as NIST, HITRUST, CIS, etc.
• Exposure to and a good understanding of ISO 27001 and ISO 27701 audits are preferred

Benefits

All full-time employees of The Channel Company enjoy benefit offerings such as medical, dental, vision, tele-health, disability, life insurance, health savings accounts, paid parental leave, company matched 401k, unlimited PTO, sick time, and 15 company paid holidays. At The Channel Company we truly value work/life balance, are 100% remote, and employees enjoy flexible working hours. Beyond that, we are an innovative, collaborative, and inclusive group of employees who come together to overcome challenges and achieve best-in-class results.

*The Channel Company is licensed in the following states: AZ, CA, CT, DC, FL, GA, ID, IL, IN, KS, LA, MA, ME, MI, MN, MO, NC, NH, NJ, NV, NY, OR, PA, RI, TN, TX, UT. To be considered for this opportunity, you must reside in one of these listed states.