Lead Information Security Analyst

Our client is seeking an experienced and strategic Lead Information Security Analyst to join their fully remote team. This position offers the flexibility to work from anywhere, focusing on protecting our digital assets and infrastructure.

The Lead Information Security Analyst will be responsible for developing, implementing, and maintaining comprehensive security strategies and programs. You will lead efforts to identify, assess, and mitigate security risks across the organization. This role requires a deep understanding of cybersecurity principles, threat landscapes, and best practices. You will collaborate with IT teams and business units to ensure security is integrated into all aspects of operations.

Key responsibilities: Develop and execute the organization's information security strategy and roadmap. Oversee the implementation and management of security controls, policies, and procedures. Lead incident response activities, including investigation, containment, and remediation of security breaches. Conduct regular security risk assessments, vulnerability assessments, and penetration testing. Manage security awareness training programs for employees. Stay current with emerging threats, vulnerabilities, and cybersecurity technologies. Collaborate with IT and engineering teams to ensure secure system design and implementation. Develop and maintain security documentation, including policies, standards, and guidelines. Mentor and guide junior security team members. Ensure compliance with relevant regulations and industry standards. Evaluate and recommend new security technologies and solutions. Act as a subject matter expert on information security matters. The ideal candidate will have a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant industry certifications (e.g., CISSP, CISM, GIAC) are highly desirable. A minimum of 8 years of progressive experience in information security roles is required, with at least 3 years in a leadership or senior analyst capacity. Proven experience in developing and implementing security frameworks (e.g., NIST, ISO 27001) is essential. Strong knowledge of network security, endpoint security, cloud security, and application security is critical. Experience with security tools such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR) is required. Excellent analytical, problem-solving, and incident response skills are a must. Superior communication and interpersonal skills, with the ability to explain technical concepts to non-technical audiences, are vital. This is a fully remote position, requiring self-motivation, excellent time management, and the ability to work effectively independently.