Senior Information Security Analyst

•  Monitor and triage security alerts from SIEM, EDR, IDS/IPS, CSPM, and other telemetry sources; validate true positives and reduce false positives.

•  Conduct incident investigations and document findings, scope, root cause, and remediation actions.

•  Lead or support incident response activities including containment, eradication, and recovery.

•   Develop, maintain, and tune detection logic, alerting, and response playbooks and runbooks.

•   Maintain, administer, and optimize security tools and platforms (e.g., SIEM, EDR, vulnerability scanners, email security, DLP), including upgrades, configuration changes, health monitoring, and integrations.

•  Partner with IT and Engineering teams to remediate vulnerabilities, harden configurations, and improve overall security controls.

•  Support and lead audit readiness for PCI DSS and ISO/IEC 27001.

•  Coordinate evidence collection and manage auditor interactions.

•   Perform gap assessments and track remediation efforts.

•   Maintain ISMS documentation, policies, and procedures.

•   Assist with risk assessments and continuous compliance activities.

•   7+ years of information security experience.

•   Bachelor’s Degree in Information Security, Computer Science, MIS/CIS, or equivalent experience.

•   Hands-on SOC responsibilities.

•    Experience supporting PCI DSS and/or ISO 27001 audits.

•    Strong understanding of incident response, SIEM, EDR, IAM, and vulnerability management.

•    Ability to produce clear documentation and communicate with technical and non-technical stakeholders.

•   Experience with cloud security platforms and automation.

•   Experience with programming and scripting automation.

•   Familiarity with NIST CSF, SOC 2, or CIS Controls.

•   Certifications such as CISSP, CISA, CySA+, GCIH, PCI ISA, or ISO 27001 training.