Yes Energy is hiring a Security Analyst II

Role Overview

This position is responsible for strengthening the security posture of multi-cloud and on-premises environments. The Security Analyst II identifies, evaluates, and addresses security risks through continuous monitoring, configuration reviews, and collaboration with technical teams. You'll play a key role in maintaining secure systems, supporting compliance efforts, and improving security automation.

Key Responsibilities

• Assess and prioritize findings from vulnerability scans, penetration tests, and configuration audits to identify security exposures.
• Partner with DevOps, engineering, and system owners to resolve vulnerabilities across AWS, Azure, Oracle Cloud, and on-prem infrastructure.
• Help define and enforce secure configuration standards for cloud resources.
• Monitor cloud platforms for misconfigurations and anomalous behavior.
• Review identity and access management policies and conduct privilege audits.
• Develop scripts in Python, PowerShell, or Bash to streamline detection, reporting, and remediation workflows.
• Integrate security data into dashboards and operational tools such as Jira, SIEM, and ticketing systems.
• Support compliance initiatives including SOC 2, ISO 27001, and customer security reviews by providing technical evidence and control documentation.
• Map technical security controls to compliance frameworks in collaboration with the compliance team.
• Participate in incident triage, response activities, and root cause analysis.
• Support endpoint protection, log collection, and threat intelligence operations.

Qualifications

Required

• Bachelor’s degree in computer science, information security, or a related field, or equivalent practical experience.
• At least two years of hands-on experience in information security, systems administration, or DevOps with a focus on security.
• Proficiency in at least one scripting language: Python, PowerShell, or Bash.
• Solid understanding of operating systems, networking concepts, and cloud architecture fundamentals.
• Familiarity with security standards such as NIST.
• Experience with vulnerability assessment tools like Tenable, Qualys, Rapid7, AWS Inspector, or Microsoft Defender.
• Working knowledge of security features and best practices in AWS, Azure, or Oracle Cloud.
• Ability to collaborate effectively with engineering, IT, and compliance teams.

Preferred

• Experience with SIEM or SOAR platforms such as Splunk or Microsoft Sentinel.
• Knowledge of infrastructure-as-code tools like Terraform or CloudFormation.
• Exposure to compliance frameworks including SOC 2, ISO 27001, or NIST 800-53.
• Relevant security certifications such as Security+, GSEC, or AWS Security Specialty.
• Experience with endpoint security, patching, and asset inventory management.

Technical Environment

AWS, Azure, Oracle Cloud, Tenable, Qualys, Rapid7, AWS Inspector, Microsoft Defender, Splunk, Microsoft Sentinel, Terraform, CloudFormation, Jira, SIEM platforms, Python, PowerShell, Bash.

Work Environment

This role supports a hybrid model with flexibility to work remotely or from core offices. Work schedules are adaptable to support work-life balance and productivity.

Compensation & Benefits

• Competitive base salary in the $80,000–$95,000 range
• Performance-based bonuses with clear paths to impact
• Medical insurance coverage
• 401(k) plan with company match
• Flexible vacation policy
• Support for professional development, including training and certification funding
• Recognized as one of the Best Places to Work in Colorado

Company Culture

We value innovation, high standards, and collaborative problem-solving. The team operates with a flat structure, emphasizing small, focused groups working on meaningful projects. Roles are dynamic, encouraging growth across technical domains. Learning is continuous, and professional development is embedded in daily work. We foster an environment where initiative, skill breadth, and teamwork are recognized and rewarded.

Equal Employment Opportunity

This organization is committed to fair and inclusive hiring practices. Employment decisions are made without regard to race, color, religion, sex, national origin, age, disability, genetic information, or any other protected status. The company adheres to all applicable federal, state, and local laws related to non-discrimination in every location where it operates. This policy covers all aspects of employment, including recruitment, hiring, promotions, compensation, and training.