IT Security Analyst II
Audubon Companies
- Houston, Texas, United States
- Houston, Texas, United States
Über
Primary Responsibilities
Monitor, triage, and investigate reported phishing attempts, suspicious emails, account activity, endpoint events, and other user‑reported or system‑generated security incidents; coordinate containment, remediation, and escalation as required.
Review and analyze alerts from SOC services, SIEM platforms, endpoint protection tools, identity systems, Microsoft 365 security controls, and threat intelligence sources; identify trends, false positives, recurring risks, and opportunities for improved detection.
Tune and maintain email security controls, including spam, phishing, impersonation, and malware filtering; recommend and implement rule changes to reduce risk while minimizing business disruption.
Administer phishing simulation campaigns, security awareness training, user follow‑up, and reporting; partner with IT and business leaders to improve user resilience against social engineering threats.
Administer and support endpoint protection, internet security, zero‑trust desktop controls, and related security platforms; assist with configuration reviews, exception handling, policy updates, and troubleshooting.
Monitor Microsoft 365 user account security, email activity, conditional access signals, risky sign‑ins, and related security posture indicators; support remediation of compromised or high‑risk accounts.
Support vulnerability management and security hygiene activities by reviewing findings, coordinating remediation with IT teams, validating corrective actions, and documenting risk exceptions where appropriate.
Maintain ISMS records, evidence repositories, control documentation, incident records, and audit support materials for ISO 27001 and other compliance or customer‑driven security requirements.
Participate in incident response activities, risk assessments, tabletop exercises, process improvement initiatives, and security projects; contribute practical recommendations that reduce operational risk and improve security maturity.
Prepare recurring metrics, status updates, and management‑level summaries related to security incidents, user awareness, control effectiveness, compliance activities, and open remediation items.
Provide security guidance to IT staff and non‑technical users, balancing risk reduction with business continuity and practical user support.
Experience and Skill Requirements
Bachelor’s degree in Information Security, Computer Science, Engineering, Information Technology, or related field, or equivalent combination of education, training, and experience.
Three to five years of experience in IT security, cybersecurity operations, infrastructure security, identity administration, incident response, or a closely related IT role.
Hands‑on experience with security tools and platforms such as SIEM, endpoint detection and response, endpoint protection, email security, identity and access management, vulnerability management, and Microsoft 365 security administration.
Working knowledge of phishing analysis, incident triage, endpoint investigation, identity‑related threats, cloud productivity platform security, and common attack techniques.
Experience administering or supporting Okta, Microsoft 365, endpoint protection, internet security, and zero‑trust or conditional access controls preferred.
Understanding of ISMS practices, security policies, risk management, audit evidence collection, and compliance frameworks such as ISO 27001.
Ability to analyze security events, document findings clearly, prioritize risk‑based remediation activities, and communicate practical recommendations to technical and non‑technical audiences.
Strong written and verbal communication skills in English; Spanish proficiency is a plus but is not required.
Ability to work independently, manage recurring security responsibilities, collaborate across teams, and support occasional after‑hours incident response or planned security activities when business needs require.
Relevant certifications such as CompTIA Security+, CySA+, SSCP, GSEC, CISSP, CISM, or Microsoft security certifications are preferred.
Health, Safety, and Environmental Responsibilities
All employees are responsible for supporting Audubon Companies’ Health, Safety, and Environmental (HSE) policies and procedures.
Perform duties in a manner that protects personal and team health and safety.
Participate in required HSE training, meetings, and reporting activities.
Identify and report hazards, near misses, and unsafe conditions.
Follow safe work practices and comply with applicable regulatory requirements.
Equal Opportunity Employer / Veterans / Disabled.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.