Dieses Stellenangebot ist nicht mehr verfügbar
Über
Every day, TreviPay employees are challenged and empowered in a supportive, collaborative, entrepreneurial environment.
We are seeking a
Senior Information Security Analyst
with deep experience in both security operations and audit/compliance execution. This role blends hands-on detection and incident response with ownership of audit readiness and evidence management for frameworks including PCI DSS and ISO/IEC 27001. The ideal candidate is comfortable working across technical and business teams, can translate security requirements into actionable controls, and can drive improvements to reduce risk and improve security posture. Key Responsibilities
Security Operations
• Monitor and triage security alerts from SIEM, EDR, IDS/IPS, CSPM, and other telemetry sources; validate true positives and reduce false positives.
• Conduct incident investigations and document findings, scope, root cause, and remediation actions.
• Lead or support incident response activities including containment, eradication, and recovery.
• Develop, maintain, and tune detection logic, alerting, and response playbooks and runbooks.
• Maintain, administer, and optimize security tools and platforms (e.g., SIEM, EDR, vulnerability scanners, email security, DLP), including upgrades, configuration changes, health monitoring, and integrations.
• Partner with IT and Engineering teams to remediate vulnerabilities, harden configurations, and improve overall security controls.
Audit, Risk, and Compliance
• Support and lead audit readiness for PCI DSS and ISO/IEC 27001.
• Coordinate evidence collection and manage auditor interactions.
• Perform gap assessments and track remediation efforts.
• Maintain ISMS documentation, policies, and procedures.
• Assist with risk assessments and continuous compliance activities.
Required Qualifications
• 7+ years of information security experience.
• Bachelor's Degree in Information Security, Computer Science, MIS/CIS, or equivalent experience.
• Hands-on SOC responsibilities.
• Experience supporting PCI DSS and/or ISO 27001 audits.
• Strong understanding of incident response, SIEM, EDR, IAM, and vulnerability management.
• Ability to produce clear documentation and communicate with technical and non-technical stakeholders.
Preferred Qualifications & Certifications
• Experience with cloud security platforms and automation.
• Experience with programming and scripting automation.
• Familiarity with NIST CSF, SOC 2, or CIS Controls.
• Certifications such as CISSP, CISA, CySA+, GCIH, PCI ISA, or ISO 27001 training.
Why you will love working at TreviPay
• Competitive salary
• Paid parental leave
• Generous paid time off
• Medical, dental, vision, FSA, Life/AD&D, long and short term disability
• 401K matching
• Employee referral program
At TreviPay we believe:
• in saying yes to unique and challenging requirements
• empowered team members are creative team members
• our products make the customer's day just a little bit better
• work/life balance makes us all more effective
TreviPay is an Equal Opportunity and Affirmative Action Employer. We welcome all veterans and disabled applicants.
Individuals with disabilities will be provided reasonable accommodation to participate in the job application and/or interview process. Please contact [email protected] to request an accommodation.
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot wurde von einem unserer Partner veröffentlicht. Sie können das Originalangebot einsehen hier.