Security Analyst
Mitek Systems
Cyber Security
IT Security Analyst
Sandy Hook Promise
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteSalary
💰 $80,000 - $90,000 per year
Job Level
Mid-LevelSenior
Tech Stack
AzureCloudCyber Security
About the role
- Lead Cybersecurity Strategy & Governance: Develop and execute a comprehensive security roadmap aligned with Zero-Trust principles, organizational goals, and regulatory frameworks (CIS, NIST, ISO 27001, GDPR, HIPAA, PCI DSS).
- Risk Management & Compliance: Maintain the enterprise risk register, conduct periodic risk assessments, and oversee remediation of identified vulnerabilities to strengthen resilience.
- Cloud & SaaS Security Oversight: Harden and manage Microsoft 365 tenant security (MFA, conditional access, DLP, encryption, data residency) and perform ongoing security reviews of third-party SaaS vendors and integrations (e.g., Salesforce).
- Endpoint & Remote Workforce Protection: Ensure secure device configurations, patch management, and endpoint compliance across a fully remote workforce.
- Threat Detection & Incident Response: Monitor, investigate, and respond to security alerts using Microsoft Sentinel and Defender; conduct root-cause analyses and coordinate cross-functional incident response and recovery.
- Vulnerability & Threat Management: Lead proactive testing (penetration, vulnerability, phishing simulations) and maintain continuous threat-intelligence monitoring.
- Security Architecture & Continuity Planning: Support data-protection, backup, and recovery strategies; participate in business-continuity and disaster-recovery planning and exercises.
- Policy, Documentation & Reporting: Maintain audit-ready security documentation; generate dashboards and KPIs that measure security posture, compliance, and incident trends.
- Training & Awareness: Develop and deliver cybersecurity training programs to promote a security-first culture and reduce organizational risk through education.
- Collaboration & Advisory Support: Partner with IT, Programs, and Operations to embed security in project design and technology adoption; advise on security implications of new initiatives.
Requirements
- A commitment to SHP’s mission and values.
- 3+ years of experience in IT security, cybersecurity operations, or related roles.
- Hands-on experience with Microsoft security tools (Defender, Sentinel, Intune, Entra ID/Azure AD, Purview).
- Strong understanding of identity management, endpoint protection, threat detection, and incident response.
- Familiarity with compliance frameworks (CIS Controls, ISO 27001, or similar).
- Excellent analytical and problem-solving skills; ability to communicate technical issues to non-technical audiences.
- Microsoft certifications such as SC-200 (Security Operations Analyst Associate), SC-300 (Identity & Access Administrator), AZ-500 (Security Engineer Associate), or MS-500 (Security Administrator) preferred.
- Experience supporting cybersecurity in nonprofit or resource-constrained environments.
- Knowledge of PowerShell scripting, KQL (Kusto Query Language), or automation in Microsoft Sentinel.
- Experience with vendor security assessments and SaaS risk management.
Benefits
- Unlimited PTO
- Flexible schedules
- Paid holidays and 10 days sick leave
- Paid parental leave
- Health, dental, and vision
- Employer paid life insurance and short- and long-term disability
- 401k match
- Professional development stipend
- Wellness & mental health support
- Employer Paid Employee Assistance Program
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity strategyrisk managementcloud securityendpoint protectionthreat detectionincident responsevulnerability managementsecurity architecturePowerShell scriptingKQL
Soft skills
analytical skillsproblem-solving skillscommunication skillscollaborationtraining development
Certifications
SC-200SC-300AZ-500MS-500
