Internal Security Analyst

About Us:

Beazley Security is a global cybersecurity firm committed to helping clients enable advanced cyber defenses that reduce risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley Insurance, we’ve been at the forefront of cyber insurance management and breach response activities for business clients in the US, UK, and Europe since 2017. As Beazley Security, the company has an expanded scope, leveraging nearly two decades of cyber incident experience, a strong services division, and a business strategy focused on growth, to realize our goals and deliver benefit for clients.

As a company, we are committed to upholding our core values of Belonging, Integrity, Service, Accountability, and Curiosity. We believe these values are essential to creating a strong and inclusive workplace culture, as well as to delivering world-class cybersecurity solutions to our clients worldwide. As Beazley Security, these values will continue to thrive, with an extra emphasis on expansion of our capabilities and capacity in helping solve unique client challenges.

Summary:

We are seeking a versatile and knowledgeable Security Analyst with a mixed background in engineering and governance, risk, and compliance (GRC). The ideal candidate will play a crucial role in maintaining our compliance with ISO/IEC 27001 and managing yearly audits. Additionally, the Security Analyst will collaborate with our IT team to ensure the proper functioning of security controls and contribute to our DevSecOps and application security initiatives. Experience in the MDR/EDR space is essential.

Key Responsibilities:

Governance, Risk, and Compliance (GRC):

• Maintain and enhance compliance with ISO/IEC 27001, ISO/IEC 27701, and SOC 2 standards.
• Manage and conduct yearly audits, ensuring thorough documentation and readiness.
• Develop, implement, and monitor risk management processes and controls.
• Ensure adherence to industry standards, regulations, and internal policies.

Engineering and Security Controls:

• Work closely with the IT team to ensure security controls are properly implemented and functioning.
• Conduct regular security assessments and vulnerability analysis.
• Assist in the development and deployment of security solutions across the organization.
• Collaborate with development and operations teams to integrate security practices into the DevSec Ops pipeline.

DevSecOps and Application Security:

• Promote and implement secure coding practices and application security controls.
• Conduct security reviews and threat modeling for new and existing applications.

Qualifications:

• Bachelor’s degree in Cyber Security, Computer Science, Information Security, or a related field.
• 3-5 years of proven experience in a security analyst role with a blend of GRC and engineering responsibilities, in an MDR/EDR environment
• In-depth knowledge of ISO/IEC 27001, ISO/IEC 27701, SOC 2 and audit processes.
• Strong understanding of security controls, risk management, and compliance frameworks.
• Experience in DevSecOps practices and application security.
• Hands-on experience with MDR/EDR tools and incident response.
• Relevant certifications such as CISSP, CISM, ISO 27001 Lead Auditor, or equivalent are a plus.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work collaboratively in a fast-paced, dynamic environment.

Lodestone offers:

• Generous PTO & a financial incentive to take time off of work & disconnect.
• Competitive salary and bonus structure
• Comprehensive benefits package, including health, dental, and retirement plans.
• Opportunities for career advancement and ongoing training.
• A dynamic and collaborative work environment with a focus on innovation.
• Participation in industry conferences and events.
• Flexible work arrangements.

Beazley Security is an equal opportunity employer. We embrace diversity and are committed to creating an inclusive environment for all employees.