Analyst, Cybersecurity

Who Are We Looking For?

The Vestwell CyberSecurity team is looking for an experienced, meticulous and detail-oriented security analyst to be responsible for monitoring the security systems in our organization. The security analyst's responsibilities include securing our infrastructure, filtering out suspicious activity, and finding and mitigating security risks before any breaches can occur. You will work inter-departmentally to identify and correct any flaws in our security systems.

You should have a sound working knowledge of cybersecurity, including intrusion prevention and incident response. You should be detail oriented with strong analytical skills and have good communication, interpersonal, and leadership skills.

What Will You Be Doing?

Manage all day-to-day activities within the Security organization. This would include:

• Management of Vanta
• • Investigating alerts and opening Jira tickets to responsible parties.
  • Overall cleanup of Vanta
• Management of Anti-Virus and Anti-Malware solutions.
• • Monitoring and alerting management.
  • Confirm infrastructure has most recent patches, updates and libraries.
• Develop ongoing security posture improvements.
• • Evaluate existing and new tooling to confirm customer PII and sensitive corporate data is protected.
• Work closely with Engineering to provide guidance and advice on industry best practice security.
• Management of Nightfall DLP solution.
• • Evaluate existing Detection Rules.
  • Implement detection rules based on growth of the Vestwell platform.
  • Action against alerts triggered for DLP leakage.
• Authentication & Authorization
• • Work with stakeholders to continue evolving the A&A platforms at Vestwell to adhere to industry standards and Vestwell growth.
• Manage & complete DDQ's or Risk Questionnaires that come in from potential customers.
• • Partner with HyperComply to continue building the HC database for improved turnaround time on DDQ's.

Day to Day, You May Also Be Expected To:

• Work closely with Legal and Compliance teams to evaluate and improve policies.
• Work closely with the CorpIT team to evolve the onboarding and offboarding process with a focus on Security.

Requirements

The Necessities

• Professional experience in computer science, programming, or related field.
• Professional experience working in computer systems with some specialization in computer security.
• The ability to manage competing deadlines.
• Excellent verbal and written communication skills, interpersonal, and teaching skills.
• Ability to anticipate, analyze, and problem-solve
• The ability to remain current on the latest technology and best practices in information security.
• Proficient, or able to gain proficiency with, a broad array of security software applications and tools.
• Thorough understanding of computer-related security systems including firewalls, encryption, and password protection and authentication.
• Experienced with penetration testing and techniques.
• Understand patch management.

The Extras

• Advanced training certifications may be advantageous.
• • CISSP
• Training or experience with SOC audits.
• Training or experience with Financial Regulatory Audits/Compliance (ERISA, SEC, etc.)

This role will be based in either the New York City, Austin, King of Prussia, or Phoenix office, and will be part of Vestwell's hybrid in-office operation.

The expected base salary range for this position is $90K - $115K base. This position is eligible to participate in the Company Bonus Pool and is eligible to receive new hire equity in the Company. Please note that salary bands are based on NY and other similar metro areas and may differ based on where the role is ultimately hired.