Security Analyst II

The Security Analyst II plays a key role in operating, improving, and maturing North Risk’s security program, focusing on detection, investigation, vulnerability management, access governance, endpoint and email security, and compliance support.

Requirements

• A combination of education and experience generally attained through an associate’s degree in Information Technology, Cybersecurity, Networking, or related field, and a minimum of 5 years of progressive experience in cybersecurity, security operations, or related IT security roles
• Strong understanding of security fundamentals including: Detection response, least privilege and access governance, endpoint and email security, vulnerability management, and incident response principles
• Hands-on experience with Microsoft security technologies (Defender, Intune, Entra ID) or equivalent enterprise platforms
• Experience working in ticketing systems (e.g., ServiceNow) with strong documentation
• Ability to analyze technical data, investigate security events, and communicate findings clearly
• Experience supporting compliance or audit requirements in regulated environments
• Experience with detection tuning, alert optimization, or SIEM adjacent workflows, including email security and phishing response platforms
• Familiarity with insurance, financial services, or other regulated industries
• Ability to communicate technical findings to both technical and non-technical audiences, including written summaries for leadership
• Experience with PowerShell or other scripting languages for tasks automation is preferred
• Familiarity with NIST Cybersecurity Framework (CSF) 2.0 or similar security frameworks
• Certifications such as Security+, CySA+, SSCP, or equivalent is preferred, but not required

Benefits

• Comprehensive benefits package
• 401(k) plan
• Continuing professional education and development
• Volunteer time off
• Paid time off
• Paid holidays