4,880 Information Security Analyst jobs in the United States

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic SOC Analyst to contribute to the success of our rapidly growing business.

You would act as a SOC Analyst for global Security Operations Center (SOC) team at our Sunnyvale HQ office. This highly technical role requires continuous security event monitoring, threat identification, risk assessment, incident response, and collaboration with regional leaders to advance Fortinet's security posture and compliance. As part of a 24x7x365 "follow the sun" SOC model, this role involves working five days per week (40 hours), which may include weekend shifts as part of the standard workweek.

As an SOC Analyst, your responsibilities will include:

• Actively monitor and analyze security events, alerts, and logs using SIEM, SOAR, EDR, DLP, Threat Intelligence and Cloud Security platforms.
• Investigate incidents to mitigate risks. Define and refine SOC automation workflows, including playbooks, alerts, reports, and dashboards, to improve threat detection and incident response.
• Analyze security logs to identify anomalies, policy violations, or potential attacks, and take appropriate action based on procedures.
• Provide support and guidance to system administrators, developers, and end-users on security best practices and control implementation.
• Contribute to the maintenance and enforcement of security policies, standards and procedures to ensure compliance.

We are looking for:

• Experience : Minimum of 5 years of hands-on experience in Information Technology, cybersecurity, or working in a Security Operations Center (SOC) or Network Operations Center (NOC).
• Technical Skills :
  
  • Solid understanding of the threat landscape, attacker tactics (e.g., phishing, malware, APTs, DoS attacks), and defensive strategies.
  • Proficiency in at least one scripting language (e.g., Python preferred).
  • Skilled in security technologies such as SIEM, SOAR, EDR, ID/IPS, access control, vulnerability management, cloud security, and External Attack Surface Management (EASM).
  • Experience with cloud security concepts, tools, and best practices across platforms like AWS, Azure, or GCP.
  
  
• Soft Skills :
  
  • Exceptional written, verbal, and interpersonal communication skills, with strong attention to detail.
  • Proven ability to collaborate across teams and foster a customer-focused and security-aware culture.
  
  

Educational & Certification Requirements:

• Education : Bachelor's degree in Computer Science, Information Security, or a related field.
• Certifications : Preferred certifications: CISSP, CCSP, CISA, CISM, CRISC, CCNA, GIAC GCFE, GCFA, GCIH.

About Our Team:

Join our team, known for its collaborative ethos, working seamlessly with global customers, internal engineering teams and product development groups. Our team culture emphasizes continuous learning, innovation, and a strong commitment to customer satisfaction. We embrace Fortinet's core values of openness, teamwork and innovation, fostering an environment where team members support each other, share knowledge, and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinet's high standards of excellence in cybersecurity solutions.

Why Join Us:

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being.

Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

The US base salary range for this full-time position is $160,000-$180,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program.

Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.

All roles are eligible to participate in the Fortinet equity program, Bonus eligibility is reviewed at time of hire and annually at the Company's discretion.

#GD

Applied Medical is a new-generation medical device company with a proven business model and commitment to innovation fueled by rapid business growth and expansion. Our company has been developing and manufacturing advanced surgical technologies for over 35 years and has earned a strong reputation for excellence in the healthcare field. Our unique business model, combined with our dedication to delivering the highest quality products, enables team members to contribute to a larger capacity than is possible in typical positions.

Position Description

Are you passionate about cybersecurity? Join Applied Medical as an Information Security Analyst and be at the forefront of protecting our digital infrastructure. As part of our Corporate Applications team, you'll be working onsite at our global headquarters operating security controls, monitoring networks for threats, supporting the installation of security software, and participating in investigations. The Information Security Analyst will also contribute to the development and maintenance of security policies and compliance activities.

Key Responsibilities:

• Security Operations: Plan, implement, operate, upgrade, and monitor security measures to protect computer networks and sensitive information from potential security threats, vulnerabilities, or breaches. Respond to security incidents by conducting Incident Response activities and safeguarding digital files and vital electronic infrastructure.

• Process Improvement & Compliance: Support the development and maintenance of security policies and procedures. Assist with the internal and external audits by providing compliance documentation aligned with applicable laws, regulations, and industry standards. Recommend and assist in delivering security education, training, and awareness initiatives to promote organizational compliance and best practices.

• Technical Support: Stay informed on evolving regulatory requirements and emerging cybersecurity trends. Serve as a technical resource for project initiatives and implementation of projects.

• Associate's degree or above in Information Security, Computer Science, or a related field, or equivalent experience
• 3 - 5 years of experience of relevant work experience.
• Experience with monitoring and analyzing security alerts from SIEM tools.
• Experience in managing endpoint security solutions (antivirus solution).
• Experience supporting DLP programs and investigating potential data exfiltration events.
• Experience in vulnerability scans and remediation.
• Ability to think in a proactive and innovative approach to solve security challenges
• Strong organizational and analytical skills with a proven ability to solve complex problems
• Excellent written and verbal communication skills
• Ability to multi-task and plan all aspects of a project or process from inception to completion
• Familiarity with cybersecurity tools and technologies
• Proficiency in Microsoft Office programs

• Strong understanding of Windows, macOS, and/or Linux endpoint architecture and security features
• Experience with security incident investigation and remediation
• Familiarity with malware behaviors and attack techniques

• Competitive compensation range: $8000 - $ /year (California).
• Comprehensive benefits package.
• Training and mentorship opportunities.
• On-campus wellness activities.
• Education reimbursement program.
• 401(k) program with discretionary employer match.
• Generous vacation accrual and paid holiday schedule.

• Conduct regular vulnerability assessments and help triage identified vulnerabilities and escalate tickets to IT teams for remediation.
• Monitor service tickets, security alerts, reported incidents, and SIEM escalations. Provide support for incident resolution.
• Monitor and investigate reported phishing emails.
• Support evidence collection and documentation of mitigation and remediation efforts which may be required as a result of audits or regulatory examinations.
• Support information security initiatives to improve system security hardening, establish secure baselines, and ensure compliance with regulatory requirements.
• Assist and support in the implementation of Information Security related projects.
• Provide after-hours coverage, when necessary, for security events and incident security tasks.
• Drive innovation and continuous improvement. Foster a culture of evolution by adapting to changes, optimizing processes, and contributing to the growth and success of the organization.
• Demonstrate accountability in your work by taking ownership of responsibilities, setting clear goals, meeting deadlines, and delivering high-quality results. Act with integrity, follow through on commitments, and uphold professional standards.
• Support and uphold company culture by aligning your work with the credit union's mission and values, contributing to a positive, high-performing environment. Serve as a role model for professionalism, collaboration, and the pursuit of excellence.
• Maintain regular and reliable attendance, including punctuality, are essential to achieving organizational excellence.

• Performs other duties as assigned.

• Collaboration: Establishes and maintains effective relationships, exhibits tact and consideration, displays positive outlook and pleasant manner, offers assistance and support to co-workers, works cooperatively in group situations, works actively to resolve conflicts
• Effective Communication: Expresses ideas and information in a clear and concise manner; tailors message to fit the interests and needs of the audience; delivers information in a manner that is interesting and compelling to the listener; keeps others adequately informed
• Execution: Turns strategy into action, aggressively pursues challenging goals and objectives; willing to put in requisite time and effort to accomplish objectives; takes a highly focused, goal driven approach toward work; implements plans efficiently and produces desired results within a specified timeframe
• Job Knowledge: Competent in required job skills and knowledge, exhibits ability to learn and apply new skills, requires minimal supervision, displays understanding of how job relates to others, uses resources effectively
• Member/Customer Focus: Displays courtesy and sensitivity, manages difficult member/internal customer situations, meets commitments, responds promptly to member/internal customer needs, solicits feedback to improve service
• Problem solving: Identifies and resolves problems in a timely manner, gathers and analyzes information skillfully, develops alternative solutions, resolves problems in early stages, works well in group solving situations
• Quality of work: Demonstrates accuracy and thoroughness; critically reviews work processes to ensure quality; identifies and resolves problems that could impact quality; makes sure deliverables and services meet all requirements, expectations and deadlines; does not make the same mistakes twice

• Associate degree in Information Systems/Technology, Computer Science or related discipline; or equivalent experience required.

• 1-3 years' experience in information security, preferably in a financial setting

• Security+, Network+, GSEC or other related certifications are desired.

Job Type

Full-time

Description

The Information Security Analyst is part of Poppy Bank's Information Security Team who proactively administer & maintain our cybersecurity risk posture. The incumbent will be experienced in information security and work under minimal supervision from the Information Security Officer. This position will be a liaison and collaborator with business units and work closely with the Information Technology team, various departments, and a variety of vendors that supply the bank's layered information security architecture. The incumbent is responsible for ongoing and continual administration, monitoring and reporting of information security events and the platforms that generate those events. Platforms include security awareness, breach & attack simulation, identity & access management, secrets management, vulnerability & patch management, end-point protection, and data-protection among others. The incumbent will work closely with a Managed Security Provider as some of the security platforms are outsourced to an MSP. The Information Security Analyst assists the ISO in responding to and mitigating threats across the organization.

The incumbent will work closely with the Information Security Officer in identifying analyzing and responding to emerging threats to the environment adjusting the security configurations accordingly. The Information Security team frequently collaborates across the organization in securely deploying new technologies and processes that support the business while protecting the Bank and its customers. The incumbent may serve as a liaison with the Bank's Compliance and Audit teams, ensuring close tracking of various audit and exam Where division of duties permit, the incumbent will assist the Information Technology team in various projects and tasks. This position requires that the individual work in office, independently, and with minimal supervision.

Ensures compliance within all Bank policies and procedures, as well as all applicable state and federal banking regulations.

Essential Duties and Responsibilities include the following:

• Configure, manage, monitor and report on multiple cyber security platforms and controls such as enterprise security awareness, breach & attack simulation, asset management, identity & access management, email security, and infrastructure & end-point security.
• Monitor and respond to alerts from various information security platforms
• Assists with implementation of policies or procedures and remediates compliance issues throughout the organization
• Work closely with internal IT, vendors, and third-party MSPs to identify and remediate vulnerabilities, manage risk and optimize security.
• respond to audits and exams and track remediation efforts to conclusion
• Diagnose and research causes of security issues (e.g., misconfigured DNS records, exposed insecure protocols, use of known vulnerable software, weak ciphers)
• Collaborate with IT to ensure secure deployment of new & existing capabilities and product deployments comply with security policies and standards
• Monitor and report on emerging cybersecurity threats and trends and provide recommendations to internal teams on how to mitigate risks.
• Respond to security incidents and/or policy violations
• Track, and report on the security risk register, Key Performance Indicators (KPI)/Key Risk Indicators (KRI) and MSP service tickets to the Information Security Officer and update the department at weekly Team meetings
• Implement proactive preventative measures
• Perform scheduled software/hardware system checks & upgrades (may involve occasional after-hours work)
• Research, install, configure, maintain, and monitor cyber security platforms
• Maintain strong knowledge of the threat landscape and mitigation strategies
• Document internal processes and procedures related to duties and responsibilities
• Minimum of 10 hours CRA volunteer hours per year. Volunteer hours are typically scheduled within business hours. This is compensable time and mileage is reimbursed
• Other duties as assigned

• A minimum of 4 years of experience as an Information Security Analyst or similar role.
• A BA/BS degree in Computer Science or related discipline; or an equivalent combination of experience and education.
• Security certification(s) such as security+, CEH or similar is preferred
• Experience in the highly regulated banking industry is preferred.
• Experience in securing Saas environments is preferred.
• Proficient understanding of IT concepts and principles, including strong knowledge of networking, server management, firewall, SD-WAN, and virtualization technologies.
• Familiarity with security frameworks and standards (e.g., NIST Cybersecurity Framework (CSF), NIST 800-53, CIS Security Controls, MITRE ATT&CK)
• Understanding of the following technologies: PC's, laptops, printers, mobile devices such as Apple iPad, and other peripherals, networking, Active Directory, Exchange, Windows, Microsoft Office, anti-virus / anti-malware software.
• Working knowledge of Windows 10, Server 2016, Server 2019, Office 2019, M365
• Ability to prioritize and manage multiple tasks to meet deadlines
• Ability to interact with a wide range of internal staff members and external professionals, including consultants, vendors, auditors, technical staff, and others
• Intermediate level experience with creating technical documentation.
• Experience of working in a fast-paced, team-oriented environment, with the ability to positively contribute to cross-functional teams
• Intermediate level knowledge of networking/security solutions including firewalls, IPS, SIEM, LAN/WAN, wireless, VPN, VLANs preferred
• The ability to learn quickly and adapt to changing requirements

BAI, a defense contractor, is seeking an Information Security Analyst with 3+ years of experience with DevSecOps Automation and Continuous Integration Continuous Delivery (CI/CD) experience to work Department of Defense (DoD) programs at the Naval Base Point Mugu located near Camarillo, CA. Opportunities for career advancement, excellent benefits, and stability are some of the advantages of our well established, employee-focused company.

Salary

The typical annual salary range for this position is $120,000.00 USD to $153,000.00 USD. Salary will be based on current qualifications, directly related experience, geographic location, and possible contractual requirements which could fall outside of this range.

Information Assurance

• Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
• Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies
• May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
• May respond to computer security breaches and viruses
• Work with ISSO and Cybersecurity Lead to respond to computer security breaches and viruses

DevSecOps

• Integrate security into a continuous integration, continuous delivery, and continuous deployment pipeline to minimize vulnerabilities in software code
• Ensure the entire DevOps team, including developers and operations teams, share responsibility for following security best practices
• Enable automated security checks at each stage of software delivery by integrating security controls, tools, and processes into the DevOps workflow
• Assist in the continuous integration, continuous delivery/deployment (CI/CD), continuous feedback, and continuous operations cycle

• Between 3 and 10 years of practical CEAT computer security experience in secure network and system design, analysis, procedure/test generation, test execution and implementation of computer/network security mechanisms
• Security+
• CISSP Certification or NSA equivalent
• IAM Level 2 as per DoD Directive ; and experience working with the Risk Management Framework processes.
• Strong DEVSECOPS and Linux background is a plus
• Excellent communication and interpersonal skills—verbal, non-verbal, written, and listening—for staff, customer, and organizational level communications, both formal and informal
• Ability to work independently, self-starter
• Working knowledge and use of Microsoft Office suite programs, MS Word, Excel, Access, and PowerPoint

Education:

BS or BA degree in a Computer or Information Science field or a relevant technical discipline.

ALLOWABLE SUBSTITUTION: An additional 6 years of relevant work experience may be substituted for a Bachelor’s Degree, or 4 additional years of work experience with a relevant Associate’s Degree.

Clearance :

Condition of employment – must have a T5/Secret Security Clearance and be able to acquire and maintain a DoD Top Secret Security Clearance. Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

Citizenship :

Must be a US citizen at time of application.

BAI is an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, color, religion, sex, national origin, disability, veteran status, or any other non-merit based factors made unlawful by federal, state or local laws.

Overview: The Information Security Analyst is an early-career role within TCW's Information Security team, focused on supporting the firm's enterprise security and vulnerability management efforts. The team is responsible for protecting the confidentiality, integrity, and availability of the firm's data and technology assets through proactive monitoring, response, and continuous improvement of information security controls and processes. The analyst will gain hands-on experience with security monitoring, incident investigation, and collaboration across technology and business teams to strengthen the firm's overall security posture.

Purpose: The Information Security Analyst will assist in the continuous improvement of TCW's information security operations by analyzing and assessing threats, supporting vulnerability management processes, and contributing to incident response activities. The analyst will work closely with experienced security professionals and cross-functional partners to detect risks, validate security events, and coordinate remediation efforts. This position offers a strong foundation for developing technical skills and understanding enterprise security operations in a dynamic, regulated environment.

Support the full vulnerability management lifecycle, including vulnerability scanning, risk assessment, prioritization, and remediation efforts.
• Investigate, validate, and escalate suspicious or anomalous security activity through available tools and telemetry.
• Perform detailed analysis of alerts and events generated from security platforms to determine risk and potential impact to the firm.
• Contribute to the enhancement of technical controls and operational processes across the Information Security Program.
• Collaborate with technology and cross-functional teams to assess existing controls and implement security improvements.
• Document incident investigations, analysis steps, and remediation outcomes for knowledge sharing and continuous improvement.
• Participate in threat analysis activities, including reviewing threat intelligence and mapping to TCW's environment to identify risks or exposures.
• Support and maintain the firm's vulnerability management lifecycle, including vulnerability scanning, reporting, and remediation coordination.
• Conduct proactive threat hunting and investigation of anomalous behavior in TCW's systems and networks.
• Participate in regular security operations reviews and recommend improvements to processes, tools, or controls.
• Stay current with evolving threat landscape, attack techniques, and best practices in security monitoring and response.
• Perform other security-related duties as assigned.

• Minimum of 2 years of experience in an Information Security Analyst, SOC Analyst, or similar role with significant exposure to security operations, incident and threat analysis
• Hands-on or foundational experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, QRadar, etc.) and vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7).
• Understanding of incident response methodologies, threat detection, and information security principles.
• Strong analytical skills with the ability to identify root causes and provide actionable recommendations.
• Excellent written and verbal communication skills, including clear documentation of investigative steps and outcomes.
• Ability to work independently and collaboratively with technical and non-technical stakeholders.
• Comfortable managing multiple priorities in a fast-paced, evolving environment.

• Bachelor's degree in information security, Computer Science, Information Systems, or related field
• Familiarity with threat modeling frameworks (e.g., MITRE ATT&CK).
• Knowledge of security frameworks (e.g., NIST, ISO, CSA)
• Exposure to cloud platforms (e.g., Azure, AWS) and associated security practices.
• Experience with scripting or querying tools (e.g., KQL, PowerShell, Python) to assist with analysis and automation.
• Certifications such as Security+, CySA+, CEH, GCIA, GCIH, GSEC, or equivalent.

Estimated Compensation:

Base Salary: For a CA based position, the base salary is $90-100K.

Other Compensation :In addition to the base salary, this position will be eligible to be considered for an annual discretionary bonus.

Benefits : Eligible for TCW's comprehensive benefits package. See more information here.

#LI-JS1

About Us

Credit Unions are not-for-profit organizations that exist to serve their members rather than to maximize profits. As a member-owned institution, our focus is on providing a safe place to save and borrow at reasonable rates! That is why our mission at Mid American Credit Union is to be the best choice for quality financial services, above and beyond all other alternatives.

Who Should Apply

Mid American Credit Union is looking for individuals that like to be challenged, rewarded and inspired! This job is perfect for self-motivated, quick thinkers with unmatched problem-solving skills. Are you ready to be a part of a team that provides outstanding service each and every day?

What You'll Do

As part of the IS team, the Information Security Analyst is responsible for assisting in on going reviews of IS systems and hardware to assure that regulatory requirements are met, and that all internal policies and procedures conform to regulatory levels. The Information Security Analyst is also responsible for assisting in the detection and remediation to third party audits, testing, and real time security vulnerabilities. The Information Security Analyst will also assist other members of the IS team and third-party vendors in maintaining technology infrastructure and processing cycles in a manner that adheres to IS Compliance, IS Security, and IS performance standards.

Operations

• IS Compliance and Cybersecurity
  • Lead the completion of Mid American Credit Union's ongoing review of IS systems and procedures.
  • Assist management to ensure information security policies and procedures conform to the appropriate regulatory level.
  • Assist management by monitoring and advising on status of emerging trends in the industry and research potential security enhancements as directed by management.
• Third Party Audits and Testing
  • Schedule and review periodic vulnerability and penetration test reports to track vulnerability and patch remediation efforts.
  • Work with 3rd party vendors and IS staff to identify the appropriate mitigation action and remedies to reduce the risk to Mid American Credit Union information assets with minimal negative impact on the associated business processes.
  • Investigate and report security violations of Mid American Credit Union Information Security policies and procedures
  • Assist in Mid American Credit Union's annual Disaster Recovery testing and complete internal audits which include, but are not limited to, active directory reviews, internet logs, internal privileges, system access, media access, etc.
• Network Performance and Hardware
  • Review hardware, software, and firmware technologies for possible security vulnerabilities that could impact the security of Mid American Credit Union assets.
  • Provide trouble shooting and problem resolution for functional security and resolve security issues.
• User Support -
  • Respond to user requests for assistance in a timely, accurate and professional manner.
  • Log all users requests in the Help Desk ticketing systems.
  • Assist other team members with open tickets as needed.
  • Perform any other duties as needed.
• Third Party Vendor, Training and Documentation -
  • Establish and maintain relationships that adhere to the credit union service standards with other Mid American Credit Union employees and third party vendors.
  • Assist in the daily coordination and collaboration with third party vendors.
  • Assist in IS security awareness and training efforts throughout the credit union.
  • Assist in updating existing IS policies and procedures.
  • Maintain all required documentation which includes, but not limited to; the ACET workbook, exam documentation, daily monitoring, vulnerabilities and remediation, audit test findings and remediation, incident response, change management, etc.

• Must be team oriented and possess a positive attitude while working well with others.
• Customer service experience including the ability to effectively perform the skills necessary to deliver exceptional service, such as communication, empathy, patience and organization.
• Education - A 2-year college degree or completion of a specialized course of study at a business or trade school preferred.
• Experience - 6 months to 2 years of similar or related experience, including time spent in preparatory positions. Working knowledge of front and back office financial institution processes is a plus.
• Understanding of networks and cyber security. Working knowledge relating to Microsoft server, exchange, and active directory preferred.
• A significant level of trust and diplomacy is required to be an effective subject matter expert in the position. In-depth dialogues, conversations and explanations with customers, direct and indirect reports and outside vendors of a sensitive and/or high confidential nature is a normal part of the day-to-day experience. Communications can involve motivating, influencing, educating and/or advising others on matters of significance.
• Must be able to work extended hours and/or travel off site when requested by management.
• 24x7 on call is required with on-site Saturday rotation duties.
• Must be able to perform job functions independently or with limited supervision and work effectively on own or as part of a team. Must be able to read and carry out various written instructions and follow oral instructions.
• Strong verbal and written communication skills. Strong organizational skills
• Ability to demonstrate a high degree of integrity, trust-worthiness, and maintain confidentiality of information and job-related data.
• Ability to prioritize multiple tasks and adjust to changing priorities, as well as, meet hard deadlines.

• A Company that Cares. We are more than a financial institution; we give back to our community. We teach financial literacy and donate to and support local organizations.
• Work that Stays at Work. Genuine work/life balance served here!
• Rest and Relaxation. Paid vacation time, personal leave and paid holidays