Cyber Security Analyst

Description: Cyber Security Analyst Our SaaS-based, cloud-first company is seeking a proactive Cyber Security Analyst. As a Cyber Security Analyst at our company, you are a vital member of the Information Security team. You will help secure our multi-tenant cloud applications and infrastructure, particularly AWS and Salesforce, collaborating with development, IT, and operations teams to identify risks, investigate incidents, and strengthen our cloud-native security posture. Job Description: • Contribute to the development and maintenance of information security policies, procedures, and baseline standards; drive adoption across functional teams. • Perform project- and solution-based risk assessments for new technologies and third-party vendors to identify security and privacy risks. • Implement, monitor, and maintain security controls in AWS (IAM, Security Hub, GuardDuty, Config) and Salesforce (Shield, profiles, permission sets, SSO, Event Monitoring). • Review and triage security alerts from cloud SIEM, CSPM, IDS/IPS, EDR, and AWS-native monitoring tools; correlate logs and event data to detect anomalies. • Respond to and coordinate security and compliance assessment requests from clients and governmental agencies; track remediation through resolution. • Assist with containment, eradication, and recovery activities during incidents; document timelines, root-cause analyses, and lessons learned. • Perform and coordinate ongoing security reviews and assessments (penetration tests, red-team exercises, process maturity reviews) to validate control effectiveness. • Identify vulnerabilities through threat feeds and vulnerability scans; coordinate timely remediation with stakeholders. • Assist in measuring and tracking security and compliance metrics and KPIs; support security program enhancements and tool implementations. • Develop and refine security awareness training materials; support ISO 27001 compliance activities and liaise with external auditors. • Any other duties assigned by the Manager. Job Type: • Schedule:Full-time (40 hours per week, Monday through Friday) • This is a hybrid role, 4 days in the office, 1 day remote. Candidates must reside within commutable distance to one of our Chicago offices. Benefits: • Health, Dental, Vision, Life, 401K, Vacation, Sick-Time, Holidays, etc.Requirements: Must Have: • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience). • 2+ years of experience in two or more domains of information security, risk & compliance (GRC), or IT audit. • Hands-on experience securing AWS environments and administering Salesforce security features (Shield, Event Monitoring, SSO). • Proficiency with cloud SIEM, CSPM, CWPP, and EDR tools. • Familiarity with vulnerability scanning (e.g., Qualys, Tenable.io) and cloud event logs. • Basic scripting or automation skills (Python, PowerShell, Bash). • Excellent verbal and written communication skills and stakeholder management experience. • Experience with GRC platforms (e.g., Vanta, Drata, OneTrust). Need to be: • Self-starter with ability to handle complex tasks independently and meet deadlines. • Detail-oriented and highly organized. • Logical and determined problem solver. • Strong collaborator who can build positive working relationships across teams. • Creative thinker who approaches challenges with tenacity.