Senior Information Security Analyst

Proudly voted a Great Place to Work®, we are a dynamic startup in the SaaS space that is revolutionizing how businesses communicate. Our team is made up of 500 energetic and passionate Unifones who are dedicated to delivering the best possible experience to 5000+ customer-centric companies.  

We pride ourselves on our fun and collaborative work environment, where creativity and new ideas are constantly encouraged. As shareholders in the business, we’re so much more than a group of passionate communicators. We are Unifones. Join our team and be a part of something big! 

Meet the team!

Our Engineering team is responsible for designing, developing, and maintaining the systems and technologies that drive Unifonic’s solutions. We work closely with other departments to ensure our products and services meet the needs of our customers. If you are passionate about technology and are excited about working on cutting-edge communication and engagement solutions, we want you on our team.

As a Senior Information Security Analyst, you will provide expertise in IT and Information Security controls and assurance, Cyber Security threat and vulnerability management and response, and supplier security due diligence and assurance. The Information Security Analyst leads initiatives and guides the organization in developing and improving security controls and services, assuring secure business change, and protecting the organization against internal and external cybersecurity threats.

Help us shape the future of communications by:

• Managing and implementing security controls, policies, and procedures

• Conducting security assessments, risk assessments, and vulnerability assessments

• Leading and coordinating security incident response activities

• Analyzing and correlating logs using security information and event management (SIEM) platforms

• Utilizing network security tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), and network monitoring solutions

• Implementing and managing endpoint security tools and technologies, including antivirus, endpoint detection and response (EDR) solutions, and host-based firewalls

• Conducting penetration tests using tools such as Metasploit, Burp Suite, or similar tools for security assessments

• Using threat intelligence feeds and platforms to enhance security monitoring and incident response

• Applying secure coding practices and using code analysis tools

• Performing security assessments of web applications using tools like OWASP ZAP or Burp Suite

• Ensuring compliance with regulatory requirements relevant to the organization (e.g., GDPR, NIST, ISO 27001)

• Applying cloud security best practices and securing cloud environments (e.g., AWS, GCP)

• Delivering security awareness training and education for employees

• Minimum of 5 years of hands-on experience working with Internal Security Systems, including SIEM and EDR solutions

• Knowledge of and preferably certification in ISO 27001, ISO 27017, and ISO 27018. Additional certifications related to security, such as CISSP, CISM, or CISA, are a plus

• Familiarity with SOC2 compliance, including firsthand experience in at least one audit process

• A solid understanding of IT systems, including cloud-based environments, and the ability to assess and secure these technologies

• Proficiency in working with SIEM solutions to monitor, detect, and respond to security incidents effectively

• Competency in EDR technologies to enhance endpoint security and threat response

• Experience in incident response procedures and the ability to coordinate and lead incident response efforts

• Familiarity with threat intelligence feeds and their application in bolstering security monitoring

• Knowledge of security assessment tools for vulnerability scanning, penetration testing, and risk assessment

• Understanding of cloud security best practices and experience in securing cloud environments

• Ability to collaborate effectively with cross-functional teams and promote a security-conscious culture within the organization

• Self-motivated with a determination to provide practical security solutions

• Excellent communication skills, with the capability to convey complex technical and security concepts to technical and non-technical stakeholders

• Willingness to follow established security procedures while actively contributing ideas for process improvements

As a Unifone, you will receive a range of benefits:

• Competitive salary and bonus.

• GOSI deduction coverage.

• Unifonic share scheme (we are all owners!).

• 30 holiday days after the first anniversary.

• Your Birthday off!

• Paid leave for new parents.

• LinkedIn Learning License.