Senior Security Analyst
MaintainX · Raleigh, NC · 2 wk ago
HybridInformation Technology$150/hrFull-time
About the role
The Senior Security Analyst will support the security program across both regulated (FedRAMP) and non-regulated environments. The role focuses on security operations, vulnerability management, and compliance support.
Responsibilities
- Monitor and triage security alerts using tools like Datadog, SIEM platforms, and other security monitoring solutions.
- Manage vulnerability assessment programs, tracking remediation efforts across cloud and on-premise infrastructure.
- Conduct security control assessments and prepare technical documentation and evidence for audits.
- Support penetration testing initiatives and security assessments on internal products and infrastructure.
- Investigate security incidents, document findings, and support incident response activities.
- Collaborate with DevOps, IT, Product, and other teams to implement and verify security controls.
- Develop tooling for the security team.
- Participate in internal and external audits across multiple compliance frameworks (FedRAMP, SOC 2, ISO 27001, etc.).
- Contribute to security policy development, documentation, and awareness training initiatives.
- Stay current with emerging threats, security best practices, and compliance requirements.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
- 2–4 years of experience in information security, security operations, or related roles.
- Hands-on experience with cloud security (mainly AWS) and cloud-native security tools.
- Familiarity with security frameworks such as NIST 800-53, SOC 2, ISO 27001, or FedRAMP.
- Experience with vulnerability management tools and processes.
- Understanding of security monitoring, log analysis, and incident response.
- Strong analytical and problem-solving skills with attention to detail.
- Excellent written and verbal communication skills.
- Able to work independently and collaboratively in a fast-paced environment.
Qualifications
- Experience with security tools such as Wiz, Datadog, Jira, vulnerability scanners, password managers, EDRs and SIEM platforms.
- Previous experience supporting compliance programs (FedRAMP, SOC 2, ISO 27001, etc.).
- Security certifications such as Security+, GSEC, OSCP, CISSP, or equivalent.
- Experience with penetration testing methodologies and tools.
- Knowledge of DevSecOps practices and security automation.
- Scripting or programming experience (typescript, dot net) for security automation.
Benefits
- Competitive salary and meaningful equity opportunities.
- Healthcare, dental, and vision coverage.
- 401(k) / RRSP enrolment program.
- Take what you need PTO.
Schedule
This role is hybrid out of our Raleigh or Montreal office.
Pay
Competitive salary and meaningful equity opportunities.