Information Security Analyst (Remote)

Department: Technology

Reports To: Senior Manager, Info Security

Job Type: Full Time

Salary: $105,000 - $115,000 USD

Location: Remote (Candidates based in the US)

About WES:

World Education Services (WES) is a non-profit social enterprise that supports the educational, economic, and social inclusion of immigrants, refugees, and international students. For 50 years, WES has set the standard for international academic credential evaluation, supporting millions of people as they seek to achieve their academic and professional goals. Through decades of experience as a leader in global education, WES has developed a wide range of tools to pursue social impact at scale. From evaluating academic credentials to shaping policy, designing programs, and providing philanthropic funding, we partner with a diverse set of organizations, leaders, and networks to uplift individuals and drive systems change. Together with its partners, WES enables people to learn, work, and thrive in new places.

• Implementing and managing security solutions within the Microsoft ecosystem, including Microsoft Defender Advanced Threat Protection (ATP), Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Intune, and conditional access controls.
• Monitoring, analyzing, and responding to security incidents using Security Information and Event Management (SIEM) tools such as Rapid 7 or Azure Sentinel, ensuring timely detection and mitigation of threats.
• Conducting proactive threat hunting activities to identify and mitigate security risks and vulnerabilities.
• Configuring and maintaining security policies, rules, and alerts within Microsoft Defender, SIEM platforms, and Microsoft Intune to enhance detection capabilities and minimize false positives.
• Collaborating with Engineering and Technology Operations teams to integrate security controls.
• Providing technical expertise and guidance to stakeholders on security-related matters, including incident response, threat intelligence, and security awareness.
• Implementing and managing email security solutions to protect against phishing, malware, and other email-borne threats.
• Developing and delivering security awareness training and materials to educate employees on cybersecurity best practices and policies.
• Conducting security assessments, penetration testing, and vulnerability scanning to identify and remediate security weaknesses.
• Contributing to the development and implementation of security best practices, standards, and procedures to ensure compliance with regulatory requirements and industry standards.
• Staying informed about emerging security threats, technologies, and trends to anticipate and mitigate future risks effectively.

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 4+ years of experience in a technology role with at least two years with in a Cybersecurity related role.
• Proven experience working as a Security Operations Engineer or similar role, with expertise in Microsoft technologies.
• Strong knowledge of Microsoft Defender suite, SIEM platforms (preferably Azure Sentinel), Azure, Microsoft Intune, email security solutions, and security awareness practices.
• Experience with conditional access controls and policy enforcement mechanisms.
• Familiarity with cloud security principles and best practices, particularly within the Azure environment.
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications such as CompTIA Security+, or Microsoft Certified: Azure Security Engineer Associate or Security Admin are a plus.
• Ability to work independently and collaboratively in a fast-paced environment.