Information Security Analyst

With constant innovation, cutting-edge technology, and fast-paced development, we're looking for talented professionals to join our Information Technology team to help us continue delivering an unparalleled customer experience. The Security Operations team protects the foundation that makes Stuller's promises possible. We partner with teams across the organization to build security in from the start, hunt threats before they interrupt operations, and empower everyone to play a role in keeping Stuller secure. We maintain continuous monitoring of systems through our partnership with managed detection and response providers, while our analysts and engineers investigate incidents, make rapid decisions on response actions, and maintain the security capabilities that protect customer data and support our PCI-DSS compliance. We work collaboratively, share knowledge continuously, and follow frameworks like NIST CSF to strengthen our defenses while enabling the business to move fast.

The Information Security Analyst supports the company's security operations by monitoring, investigating, and responding to security events, while helping protect information assets from unauthorized access, disclosure, modification, or destruction. This role works with internal teams to identify risks, improve controls, and ensure security practices align with business needs and organizational policies., Monitor security alerts, logs, and events from security tools and platforms to identify potential threats, anomalies, and trends. Investigate security incidents and document findings, recommending containment, remediation, and preventive actions. Analyze data to identify recurring issues, emerging risks, and opportunities to improve monitoring and response. Support the implementation of security policies, procedures, and standards, and help track compliance across the organization. Work with business users and technical teams to resolve security issues while balancing operational needs and security requirements. Assist with vulnerability management, system hardening, and security configuration reviews. Prepare reports, summaries, and metrics for management and security leadership. Participate in incident response activities, including after-hours support when needed. Maintain awareness of current threats, vulnerabilities, and security best practices through ongoing learning.

Strong analytical and problem-solving skills. Ability to investigate technical issues and summarize findings clearly. Report writing and documentation skills. Ability to work independently and collaboratively across teams. Good communication skills with both technical and non-technical audiences., Bachelor's degree or equivalent education in Information Systems, Cybersecurity, Computer Science, or related field. At least three to five years of experience in information security, IT security, systems, network administration, or a related field. Familiarity with security tools, log analysis, vulnerability management, and incident response. Knowledge of information security policies, frameworks, and compliance practices, including NIST Cybersecurity Framework concepts. Detail-oriented and dependable. Professional, collaborative, and responsive under pressure. Able to maintain confidentiality and handle sensitive information appropriately. Ability to work on call or after hours as needed.

Preferred Qualifications:

Experience with SIEM, endpoint security, email security, firewall, and network security tools. Familiarity with Windows and Linux systems administration. Experience supporting audits, compliance efforts, or control validation. Professional certifications such as Security+, SSCP, CEH, or equivalent.