Information Security Analyst

About SRS Acquiom 

At SRS Acquiom, our focus is on simplifying complex transactions in M&A and in the Loan Agency markets. Since 2007, we have been continuously innovating to solve issues for some of the industry’s most sophisticated buyers, sellers, borrowers, lenders, and counsels. Our top-tier team has supported more than 7,350+ deals with $775B+ in aggregate value including high-profile transactions such as Coca Cola Corporation’s acquisition of Body Armor, Pfizer’s acquisition of ReViral Limited, and Intel’s acquisition of Granulate Cloud Solutions. We are looking for extraordinary people to help drive our continued success. If you are looking to join a growing, entrepreneurial environment in an established company, we want to hear from you! 

Position Summary 

SRS Acquiom is currently searching for an Information Security Analyst to work as a member of our growing Information Security team.  

Reporting to the Head of Risk and Information Security, this position will be the point person functioning as the subject-matter expert for SRS Acquiom’s Information Security program. The Security Analyst will be responsible for fielding technical questions on information security including but not limited to alerts, potential information security events and incidents, and phishing issues with a focus on maintaining the confidentiality, integrity, and availability of data. This is a highly collaborative position, working with the Sr. Information Security Analyst, IT Solutions, and team members across the company, ensuring that we have effective processes and controls in place, participating in various projects, and reporting on program status on a regular basis. This role, with other Risk team members, will participate in the Company’s security related audits, risk assessments, testing, and monitoring efforts to ensure compliance with regulatory requirements and internal policies as needed. 

The salary range for this position is $85k and $110k, depending on the level of experience. 

This is a hybrid position based out of Denver, CO. with the requirement to be in-person on Tuesdays and Thursdays.  

Primary Responsibilities  

• Monitor computer networks for security issues.
• Respond to and investigate system alerts.
• Respond to reported phishing attempts from SRS Acquiom team members.  
• Manage Security Awareness and Simulated Phishing Campaigns through third-party vendor, KnowBe4.Assess controls for information in every form / all formats (e.g. electronic and physical).
• Recommend remediation for detected vulnerabilities to maintain a high-security standard.
• Assist in performing ongoing vulnerability and penetration testing.
• As a member of the First Incident Responder team,  
• Assist in investigating security breaches and other potential cyber security events and incidents.
• Enforce company-wide best practices for information security.  
• Stay up-to-date on information technology and security trends.   
• Maintain familiarity with current security standards.
• Monitor information security effectiveness and compliance across the company.
• Help to drive the organization toward higher levels of information security maturity and efficiency.
• Monitor and report on metrics for information security activities to identify trends.   
• Help team members understand the value of information security management.
• Identify and eliminate manual processes using automation for areas involving information security with input from other members of the Information Security /Risk team.
• Other duties as assigned. 

 Required Qualifications & Skills  

• Bachelor’s degree or equivalent experience and/or training; or combination of education and experience.
• 4+ years’ experience in information security.
• Security certification preferred.  
• Experience with BOTH Mac and Windows operating systems.
• Experience with computer network vulnerability and penetration testing techniques a plus.
• Understanding and experience with Network Security tools like firewalls, proxies, SIEM solutions, antivirus, and IDPS tools.
• Ability to identify and mitigate endpoint and network vulnerabilities.
• Understanding of patch management for servers and endpoints, including how patches are deployed and their potential business impact.
• Thorough knowledge of and ability to apply information security principles, best practices, and procedures.
• Proven ability to effectively listen and communicate with diverse audiences and an open mind for new ideas.
• Proven ability to communicate complex technical concepts in clear, accessible language to non-technical stakeholders. 

Desired Characteristics 

• Self-motivated
• Intellectually curious
• Collaborative
• Amiable
• Service orientated  
• Operates with highest integrity and attention to detail
• Passionate about efficient, scalable business processes
• Comfortable operating in a rapidly evolving environment with shifting priorities