Information Security Analyst (Remote)

at  MEMX

MEMX is searching for an Information Security Analyst to work with our Information Security team. The team is responsible for all aspects of security across MEMX including cyber, information security, technology risk management, and physical security. The Information Security Specialist will support the formation of security policy and procedure, threat detection and analysis, and the ongoing implementation and monitoring of enterprise wide programs including incident response, penetration testing, vulnerability management and employee training.

MEMX currently has a U.S. presence in these states: California, Connecticut, Delaware, Florida, Georgia, Illinois, Kansas, Maine, Maryland, Michigan, Nevada, New Jersey, New York, North Carolina, Oregon, Pennsylvania, & South Carolina.

• If you live outside of the above states, please list in your application and our team will evaluate.

REQUIREMENTS

• 3-5 years of information security experience;
• Degree in Cyber/Information Security preferred;
• Exposure to financial services and/ or markets highly desirable;
• Knowledge of industry cybersecurity and risk management frameworks;
• Understanding of security issues, monitoring, maintaining secure networks, data centers, and cloud services;
• Motivated to learn new technologies and come up with process improvements and efficiencies;
• Strong written and verbal communication skills;
• Ability to work effectively in a fast paced, remote start-up environment;
• Ability to work both individually and collaboratively in cross functional teams;
• Desire to learn and grow within the field on cyber security;
• Proactive, detail-oriented, extremely organized, and accountable.
• Ability to participate in night and weekend on-call coverage as required

• Assist in continuous development, implementation and monitoring of a strategic, comprehensive enterprise wide cyber, information security and risk management program;
• Collaborate with the engineering team to design and build security into the infrastructure and software development platform;
• Identify, assess and deploy emerging technologies that enable the firm to better manage and monitor the security posture.
• Create and adapt security policies and guidelines as needed;
• Maintain proper documentation of daily alerts and investigations;
• Monitor the enforcement of security policies and procedures based on industry-standard best practices;
• Investigate and help respond to security incidents;
• Participate in development and distribution of employee security awareness training;
• Participate in penetration testing and remediation of enterprise and trading systems;
• Develop new and refine existing regular metrics and reporting to measure the efficiency and effectiveness of security operations functions;
• Daily monitoring, maintenance, and tuning of existing security platforms;
• Developing and implementing internal reporting from existing metrics;
• Work with internal and external teams to perform and document security audits;
• Perform incident triage, documentation, and escalation of appropriate incidents.