Security Analyst

at  GoodLeap

About GoodLeap:
GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap’s proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $27 billion in financing for sustainable solutions since 2018.
GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America.
Position Summary
The Security Analyst role focuses on managing and responding to security incidents related to cloud infrastructure, applications, and endpoints, working closely with the managed Security Operations Center (SOC) and GoodLeap Security Engineers.
Responsibilities include detecting, analyzing, and mitigating security threats, performing incident investigations, and coordinating response efforts to minimize impact and drive permanent resolution. This role requires collaboration with cross-functional partners to enhance incident response processes and ensure effective communication with the SOC. Proficiency in cloud security principles, incident response frameworksand tools—along with excellent problem-solving skills and the ability to stay current with emerging threats—is essential.

REQUIRED SKILLS, KNOWLEDGE AND ABILITIES

• Bachelor’s degree in Computer Science, Information Technology, or related field (preferred)
• 3+ years of experience in a security analyst role or similar position
• 2+ years hands-on experience with security tools such as SIEM, IPS/IDS, firewalls, vulnerability scanners, and endpoint protection solutions
• Understanding of Security Orchestration, Automation and Response ideas, principals and tools
• Strong understanding of cloud security principles and best practices
• 1+ year experience working in a Cloud Service Provider (AWS, GCP, Azure)
• Demonstrated analytical and problem-solving skills
• Effective communication and documentation abilities
• Hold or be willing to obtain certifications such as GCIH, GCFE, GCFA, GCSA, GMON, CISSP, or other relevant security certifications
• Familiarity with endpoint operating systems like Windows and Mac
  In addition to the above salary, this role may also be eligible for a bonus.

ESSENTIAL JOB DUTIES AND RESPONSIBILITIES

• Continuously monitor security alerts and logs through our security information and event management (SIEM) platform, endpoint monitoring platform, and other security tools to identify and assess potential security incidents
• Develop and fine-tune SIEM rules and alerts to enhance detection capabilities
• Develop automated reporting capabilities to proactively inform Software Engineering teams of issues and impact
• Perform detailed analysis of complex security threats to determine root causes and impacts
• Review root cause analyses and assessments with Software Engineering leaders and other stakeholders to drive and prioritize long-term issue resolution
• Conduct regular security audits and compliance checks against industry standards and regulatory requirements
• Coordinate response activities for confirmed incidents and recommend remedial actions
• Prepare incident reports and documentation for internal stakeholders and compliance audits

ADDITIONAL INFORMATION REGARDING JOB DUTIES AND JOB DESCRIPTIONS:

Job duties include additional responsibilities as assigned by one’s supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law.