Security Analyst

Kobalt.io is an equal-opportunity employer looking for team members who have a real passion for security. The Security Analyst - Delivery is an engaged contributor role within Kobalt’s security delivery team. The Security Analyst is responsible for supporting the client’s security journey by tailoring cyber security protocols, including policies, procedures, and protocols. Security Analyst also assists vCISOs with various types of security assessments and technical implementation projects. The Security Analyst will work directly with clients on creating policies that are aligned with the client's operations. The Security Analyst will also assist vCISOs with assessments with the goal to tailor a security journey based on clients’ needs. In addition, the Security Analyst will provide security education and conduct regular phishing tests for clients. Lastly, as Kobalt is a certified partner of Vanta, the Security Analyst will leverage the Vanta platform to accelerate the client’s compliance journey as a part of the security program. If you are ready for a new challenge and want to join a growing team, this is your opportunity. Kobalt is a rapidly growing cyber security services and technology firm focused on addressing the needs of small and mid-sized businesses. Founded in November 2018, Kobalt has been recognized as an emerging company on the Ready to Rocket Emerging ICT list, 2020 Startups to Watch by Techcouver, and has worked with over 250 companies addressing cyber security challenges since inception. **Your Responsibilities**: - Assist vCISOs in executing elements and projects, such as risk assessments, within a security program - Work directly with clients to understand their operations and tailor security policies and procedures that are fit to the organization - Design and deploy phishing tests to clients on a regular basis - Provide compliance audit readiness support as required - Provision, implement, and manage Vanta, or a similar GRC platform, for clients - Troubleshoot compliance monitoring issues within Vanta, or a similar GRC platform, for clients - Build new tools and techniques to compress human-intensive tasks into work that can be achieved in a fraction of the time - Document best practice procedures for commonly used technologies for standardization of deployment - Identify system misconfigurations and draw up recommendations for clients and assist where necessary - Collaborate with team members to assist with improvements, discovery, and production of creative and insightful security use-cases - Capture regular metrics highlighting key activities, measurable accomplishments, and blockers - Support the design and development of Kobalt’s service offerings through insightful feedback and a positive attitude as a contributing member of our security delivery team - Help drive improvements in our best-in-class security services through the creation of knowledge-base articles and services documentation - Complete technical certifications to help gain necessary technical knowledge and support Kobalt vendor partnerships **Your Qualifications & Skills**: - 1-2 years experience in Security Technologies, Information Security, Business Resilience, Technology Risk or related fields - Customer-first focus. - Can work independently and with teams to identify and resolve challenges and overcome roadblocks. - Ability to communicate effectively, both verbally and in writing, with clients and internal audiences - Understanding of cybersecurity domains, including Security Operations (on-premise and cloud), Security Engineering, Information Risk Management, etc. - The ability to articulate secure best practices of various aspects of information risk management in the context of people, processes and technology - Report Writing: Emphasis on Spelling, Grammar, Word usage, and ability to write a summary that answers the Who, What, Where, When, How, and to the best of your ability, Why. - Strong communication skills: Be able to perform summarization and commonality detection and "connect the dots" so that a group of facts is turned into contextual information. Then take that contextual information and determine if it proves your hypothesis right or wrong. - Ability to quickly learn and adapt security best practices to a wide variety of technologies in use by clientele **Desired Qualifications**: - GRCP certification is desired but not required - Enthusiasm, curiosity, thirst for knowledge - Intermediate coding/scripting skills to help automate processes and scale implementation efforts - Ability to perform in high pace environments - Strong Team Player - Ability to provide on-the-job training and knowledge sharing to other team members - Self-initiative with strong time management - Solid sense of integrity and identification with the mission. - Strong intuition and ability to think “outside the box” - Attention to detail while seeing the bigger picture **What’s In It For You**: Kobalt Se