Information Security Analyst

Houston, TX, United States

Information Security Analyst

We're HCSS. We're a software company based in Sugar Land, TX and we provide innovative solutions for the construction industry that help streamline their operations. Our mission at HCSS is helping customers achieve excellence through our proven, customer-centric, end-to-end solutions and exceptionally helpful service while providing a great life for our employees. With this mission at the forefront of everything we do, we're recognized as a pioneer and leader in our market and nominated the "Best Companies to Work for in Texas" 15 years in a row.

WHO WE NEED:

We are looking for an experienced Information Security Analyst for our Information Security team who will be part of a team of highly technical folks and a growing security team.

You will work closely with all departments but most importantly Information Technology, Enterprise Applications, Compliance, and DevOps teams to ensure the confidentiality, integrity, and availability of our data and systems. Your expertise in industry regulations, standards, and cloud infrastructure will be instrumental in supporting the organization's information/cyber security objectives. If you're a fit, the following things should sound like you:

Bachelor's or Master's degree in Computer Science or Information/Cyber Security..

3-5 years experience in information security or related fields.

Demonstrated experience with MS Azure Sentinel, MS Event Hub, Azure Log Analytics, Entra ID and Entra ID Security Tools, Azure Front Door or similar technologies.

Hands-on experience with penetration testing, tools, and techniques.

Experience with firewalls, proxies, SIEM, antivirus, and IDPS concepts.

Experience in identifying and mitigating network vulnerabilities and avoidance techniques.

Experience with patch management with the ability to deploy patches in a timely manner while understanding business impact.

Research the latest in information technology security trends to keep up to date with the subject and use the latest technology to protect information.

Experience with developing security plans for best standards and practices for the company.

Conduct frequent testing of simulated cyber attacks to look for vulnerabilities in the computer systems and take care of these before an outside cyber-attack.

Make recommendations to managers and senior executives about security advancements to best protect the company's systems.

Confident in being accountable for ensuring ongoing user adoption, support, architectural design, and custom development activities as well as responsibilities for enhancements, release updates, and reporting for multiple departments.

Demonstrated experience with MS Azure Sentinel, MS Event Hub, Azure Log Analytics, Entra ID and Entra ID Security Tools, Azure Front Door

WHAT YOU'LL DO:

Engineering: Implement and configure cloud security tools and services.

Perform security assessments and audits of cloud environments.

Monitor and analyze cloud logs and security events.

Work with DevOps teams to automate security processes in cloud environments.

Respond to and investigate security incidents in the cloud.

Operations: Manage and configure firewalls and intrusion detection/prevention systems.

Ensure compliance with cloud security policies and standards.

Monitor and respond to security alerts and incidents in the cloud.

Conduct regular vulnerability assessments of cloud infrastructure.

Implement and manage encryption and key management solutions in the cloud.

Incident Response: Develop and maintain incident response plans and procedures.

Lead incident response efforts for security events.

Coordinate with other teams to contain and remediate security incidents.

Conduct post-incident reviews and recommend improvements.

Guide legal and regulatory requirements related to cloud incident response.

Logs and Monitoring Analytics: Configure and manage logging and monitoring solutions for cloud environments.

Analyze logs and security events to identify and respond to threats.

Create and maintain dashboards and reports for cloud security monitoring.

Collaborate with other teams to enhance logging capabilities for cloud services.

Ensure the integrity and confidentiality of logs and monitoring data.

Cloud Security Projects: Collaborate with project teams to ensure security considerations are integrated into cloud projects.

Conduct security assessments for new cloud services and applications.

Guide secure cloud configurations and settings.

Work with vendors and partners to assess and ensure the security of third-party cloud services.

Architecture Support: Support implementation of secure cloud architecture and solutions.

Assist with regular reviews of cloud infrastructure for compliance with security best practices.

Maintain security policies and standards.

BENEFITS & PERKS:

Part of our mission statement is to provide a great life for our employees. We believe that happy employees make for a better company, so we take care of them. Here are a few of the perks we offer: Flexibility for you to work in-office or hybrid.

Medical and Dental Premiums.

On-site amenities include a covered basketball court, soccer field, 200-meter track, etc.

401K with match.

Tuition reimbursement.

And more!