About Goosehead
Since 2003, Goosehead Insurance has been disrupting the insurance industry by giving clients the power of choice, utilizing a smarter marketing approach, and delivering world-class service. This is all powered by our focus on hiring and retaining extraordinary people. Our clients trust us with their most valuable possessions, so we’re more than just a bit selective when it comes to hiring new team members.
Job Summary
We are seeking a Cybersecurity Analyst whose experience will be pivotal in protecting the company’s data, systems, and infrastructure. The analyst will be responsible for assessing security controls, managing vendor risk, and collaborating with internal teams to ensure compliance with regulatory requirements.
Principal Duties and Responsibilities:
- Monitor and analyze security alerts from various tools (e.g., SIEM, EDR, firewalls, network traffic) to detect intrusions, malware, or anomalous activity.
- Perform in-depth investigations of security incidents, determine root causes, and recommend remediation steps.
- Conduct vulnerability assessments, penetration testing support, and risk evaluations to identify and prioritize threats.
- Develop, review, and maintain cybersecurity policies, standards, and procedures in alignment with industry frameworks (e.g., NIST, ISO 27001, CIS Controls) and regulatory requirements.
- Support Governance, Risk, and Compliance (GRC) activities, including conducting risk assessments, maintaining the risk register, performing gap analyses against compliance standards (e.g., SOC 2, PCI DSS, HIPAA, GDPR, CCPA), and tracking mitigation plans.
- Assist with internal and external compliance audits, evidence collection, vendor risk assessments, and remediation of identified findings to ensure ongoing adherence to regulations and organizational policies.
- Monitor and report on compliance metrics, regulatory changes, and risk trends; prepare detailed reports on security events, GRC status, and metrics for management and audit purposes.
- Develop and implement security controls, policies, and procedures to protect networks, systems, and data.
- Respond to and mitigate cybersecurity incidents, including containment, eradication, and recovery efforts.
- Collaborate with cross-functional teams (IT, legal, HR, audit) on security projects, awareness training, threat intelligence, and GRC initiatives.
- Stay current on evolving cyber threats, tools, regulatory landscapes, and best practices; contribute to continuous improvement of the security and compliance posture.
Experience and Education
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience/certifications).
- Certifications such as CompTIA Security+, CySA+, CEH, GIAC, CISA, CRISC, or CISSP highly preferred.
Required Skills and Abilities
- 2–5+ years of experience in cybersecurity, IT security, or related roles (experience with GRC/compliance activities is a plus).
- Proficiency with security tools (SIEM, vulnerability scanners, endpoint protection) and understanding of frameworks like NIST, MITRE ATT&CK, and common GRC standards.
- Strong problem-solving, analytical, communication, and documentation skills.
Benefits Summary
- High-quality voluntary health, vision, disability, life, and dental insurance programs
- 401K Matching Plan
- Employee Stock Purchase Plan
- Paid holidays, vacation, and sick leave
- Corporate-sponsored programs to enhance employee physical, financial, mental, and emotional wellness
- Financial Solution Program
Equal Employment Opportunity:
Goosehead is an equal-opportunity employer and complies with all applicable federal, state, and local laws, rules, guidelines, and regulations. Goosehead strictly prohibits and does not tolerate unlawful discrimination against employees, applicants, or any other covered person because of race, color, religion, creed, national origin, ancestry, ethnicity, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender, gender identity, transgender status, age, physical or mental disability, veteran status, uniformed service, genetic information, or any other characteristic protected by applicable law. All applicants for employment and all Goosehead employees are given equal consideration based solely on job-related factors, such as qualifications, experience, performance, and availability.
To learn more about our job opportunities, apply here. We look forward to speaking with you!