Laserfiche is hiring an Information Security Analyst I

Responsibilities

• Configure and manage security tools including endpoint detection and response (EDR), SIEM, vulnerability management platforms, email security, identity and access management (IAM) and other security technologies.
• Support ITS and Development teams in integrating security controls into system architecture and deployment workflows.
• Assist in the evaluation and implementation of new security technologies to enhance prevention, detection and response capabilities.
• Safeguard Laserfiche information in accordance with Laserfiche Information Security Policies.
• Monitor security events and alerts from SIEM, EDR, cloud-native logging tools and other detection platforms.
• Perform triage, investigation and root cause analysis of security incidents and suspicious activity.
• Support incident response efforts in coordination with ITS and business stakeholders.
• Develop and tune detection rules, alerts and automated response playbooks to improve security visibility and reduce false positive rates.
• Document incidents, response actions and lessons learned to strengthen operational maturity.
• Participate in tabletop exercises and incident response testing activities.
• Perform recurring vulnerability scans across infrastructure, endpoints, applications and cloud environments.
• Validate findings, prioritize remediation based on risk and track mitigation progress with system owners.
• Conduct configuration reviews and security assessments of systems and cloud resources.
• Stay current on emerging threats, vulnerabilities and exploit techniques, and recommend appropriate countermeasures.
• Partner with ITS and Development teams to drive timely remediation of security findings.
• Support security configuration and monitoring of cloud and SaaS environments including AWS, Microsoft 365 and Okta.
• Review IAM roles, policies and permissions to enforce least privilege and proper access controls.
• Assist in the secure implementation of new cloud services and infrastructure changes.
• Contribute to security awareness initiatives, including phishing simulations, training content and employee communications to promote a security-conscious culture.
• Provide technical security guidance to internal stakeholders and assist in responding to security-related customer or vendor inquiries.
• Support internal audits and compliance initiatives by gathering technical evidence of control implementation.
• Participate in risk assessments, vendor reviews and architecture design discussions.
• Help refine security policies, standards and procedures based on operational experience.

Benefits

• Generous time off: 15 Days of Vacation, 3 Floating Holidays, 2 Paid Volunteer Days, 9 Paid Holidays
• Hybrid Work Environment
• Free Parking: covered and EV charging stations
• Various 401 (k) Investment Options and Generous Company Match
• HMO and PPO Medical Care Options

Work Arrangement

Hybrid

Additional Information

• Applicants must be authorized to work for Laserfiche in the United States on a full-time basis without the need for employer sponsorship. We are unable to sponsor new employment visas, or take over sponsorship of existing employment visas, at this time.