Laserfiche is a global leader in intelligent document management and business process automation. They are seeking an Information Security Analyst I to play a hands-on role in defending their systems, focusing on security operations, monitoring, and implementing security controls across cloud and on-prem environments.
Responsibilities
- Configure and manage security tools including endpoint detection and response (EDR), SIEM, vulnerability management platforms, email security, identity and access management (IAM) and other security technologies
- Support ITS and Development teams in integrating security controls into system architecture and deployment workflows
- Assist in the evaluation and implementation of new security technologies to enhance prevention, detection and response capabilities
- Safeguard Laserfiche information in accordance with Laserfiche Information Security Policies
- Monitor security events and alerts from SIEM, EDR, cloud-native logging tools and other detection platforms
- Perform triage, investigation and root cause analysis of security incidents and suspicious activity
- Support incident response efforts in coordination with ITS and business stakeholders
- Develop and tune detection rules, alerts and automated response playbooks to improve security visibility and reduce false positive rates
- Document incidents, response actions and lessons learned to strengthen operational maturity
- Participate in tabletop exercises and incident response testing activities
- Perform recurring vulnerability scans across infrastructure, endpoints, applications and cloud environments
- Validate findings, prioritize remediation based on risk and track mitigation progress with system owners
- Conduct configuration reviews and security assessments of systems and cloud resources
- Stay current on emerging threats, vulnerabilities and exploit techniques, and recommend appropriate countermeasures
- Partner with ITS and Development teams to drive timely remediation of security findings
- Support security configuration and monitoring of cloud and SaaS environments including AWS, Microsoft 365 and Okta
- Review IAM roles, policies and permissions to enforce least privilege and proper access controls
- Assist in the secure implementation of new cloud services and infrastructure changes
- Contribute to security awareness initiatives, including phishing simulations, training content and employee communications to promote a security-conscious culture
- Provide technical security guidance to internal stakeholders and assist in responding to security-related customer or vendor inquiries
- Support internal audits and compliance initiatives by gathering technical evidence of control implementation
- Participate in risk assessments, vendor reviews and architecture design discussions
- Help refine security policies, standards and procedures based on operational experience
Skills
- Bachelor's degree in cybersecurity, information systems, computer science or related field
- Experience in security operations, information security or a related technical role
- Experience supporting on-premises, hybrid and cloud environments
- Foundational understanding of security operations, including monitoring, incident response and vulnerability management
- Familiarity with SIEM platforms (Splunk preferred), EDR solutions and vulnerability management tools
- Foundational understanding of network security principles including segmentation, firewall management, VPN technologies and traffic analysis
- Experience with Windows and Linux system administration and hardening practices
- Awareness of common attack frameworks such as MITRE ATT&CK and prevalent adversary techniques
- Strong analytical and problem-solving skills with attention to detail
- Relevant certifications such as Splunk, Security+, CySA+, BTL1, PSAA or AWS Cloud Practitioner are preferred
Benefits
- Generous time off:15 Days of Vacation
- 3 Floating Holidays
- 2 Paid Volunteer Days
- 9 Paid Holidays
- Hybrid Work Environment
- Free Parking: covered and EV charging stations
- Various 401 (k) Investment Options and Generous Company Match
- HMO and PPO Medical Care Options
Company Overview
- Laserfiche is the world's largest private Enterprise Content Management (ECM) software development company. It was founded in 1987, and is headquartered in Long Beach, California, USA, with a workforce of 201-500 employees. Its website is http://www.laserfiche.com.