Information Security Analyst

About Big 5 Sporting Goods

Big 5 Sporting Goods is a leading retailer of name-brand sporting goods and accessories, with hundreds of stores in 11 states across the Western U.S. We’re passionate about delivering value and performance to our customers, and we’re looking for an Information Security Analyst to join our team.

Role Overview

The Information Security Analyst is responsible for supporting and executing the organization’s security operations in partnership with a managed detection and response (MDR) provider. This role is cross-functional and focuses on incident investigation, response coordination, security control effectiveness, and continuous improvement of the security posture across on‑premises, hybrid, and cloud environments. The analyst acts as a key operational contributor and subject‑matter expert, translating MDR intelligence into timely, well-documented inputs that support security leadership in risk‑based decision‑making and long‑term risk reduction. The position is located at our Big 5 office in Tustin, California.

Key Responsibilities

Review, validate, and prioritize MDR‑reported incidents based on business context and risk
Manage incident response activities from confirmation through remediation and closure under direction of security leadership
Coordinate containment and recovery actions with IT, infrastructure, and business stakeholders
Ensure incident documentation, timelines, and evidence meet operational, legal, and audit standards
Leverage MDR‑provided detections, investigations, and threat intelligence to guide internal response
Collaborate with the MDR partner on alert tuning, detection improvements, and coverage gaps
Support configuration, operation, and improvement of security controls across endpoint, network, identity, email, and cloud environments
Assist in evaluating, implementing, and integrating new security technologies and controls
Collaborate with infrastructure and development teams to embed security into system architecture and deployment workflows
Participate in system hardening, baseline configuration, and patch management initiatives
Support secure configuration, monitoring, and access control for cloud and SaaS environments
Assist with the secure onboarding of new services and infrastructure changes
Contribute to the development and maintenance of security automations and runbooks
Support security awareness initiatives, including phishing simulations and employee training

What We’re Looking For

2–4 years of hands‑on experience in information security or security operations
Strong understanding of incident response, vulnerability management, and security operations workflows
Experience supporting on‑premises, hybrid, and cloud environments
Solid understanding of operating systems, directory services, cloud services, and networking fundamentals
Familiarity with common attack techniques and adversary frameworks (MITRE ATT&CK, exposure to MITRE ATLAS a plus)
Scripting or automation experience to improve investigation efficiency and operational maturity
Relevant security certifications or equivalent practical experience
Strong sense of ownership and accountability for security outcomes
Demonstrated ability to work independently and drive assignments to completion with minimal supervision

Perks & Benefits

Competitive compensation and benefits (health insurance, savings and retirement plan, vacation, generous corporate discount at all stores)
Hybrid role with 3 days onsite and 2 days remote

Salary

The annual base salary range for this position is from $85,000-$100,000. The range provided includes the base salary that we expect to pay for the role. Offered base salary will be dependent on factors including the scope and complexity of the role, candidate’s related work experience, and subject matter expertise.

California Consumer Privacy Act Notice at Collection