Lead Information Security Analyst Job at Glocomms, San Francisco County, CA

bCtxYndaNXk1aXFudng3eEs4QmxDNmN4
  • Glocomms
  • San Francisco County, CA

Job Description

A global consumer brand is seeking a Lead Information Security Analyst to lead enterprise-wide cybersecurity initiatives and elevate their security posture across both cloud and on-premises environments.

Key Responsibilities

  • Architect, deploy, and manage security solutions aligned with business goals and regulatory requirements.
  • Lead strategic initiatives including Data Loss Prevention (DLP), Zero Trust architecture, Cloud Security, Network Segmentation, IAM, and Endpoint Security modernization.
  • Oversee email protection platforms and gateway solutions to defend against phishing, malware, and data exfiltration.
  • Implement DNS security controls to mitigate domain hijacking and malicious communications.
  • Conduct threat detection, incident response, and post-incident analysis to ensure rapid containment and recovery.
  • Manage vulnerability assessment and remediation programs, providing visibility into risk posture for leadership.
  • Develop and refine incident response and disaster recovery plans to minimize disruption and enhance resilience.
  • Establish and enforce security policies and standards based on frameworks such as NIST, CIS, ISO 27001, and SOX.
  • Collaborate with IT, DevOps, and business units to embed security into system architecture and development pipelines.
  • Lead security awareness initiatives to foster a culture of vigilance and reduce human-related risk.
  • Continuously assess and improve security maturity through innovation in tools, processes, and governance.
  • Utilize automation and orchestration to streamline detection, response, and compliance efforts.
  • Mentor junior team members and advise cross-functional groups on secure design principles.
  • Stay current on emerging threats and technologies to proactively strengthen defenses.

Qualifications and Skills

  • Bachelor's degree in Computer Science, Cybersecurity, or related field (Master's preferred).
  • 7+ years of progressive experience in security engineering, architecture, or operations.
  • Deep expertise in data protection, cloud security, email/DNS security, and identity management.
  • Hands-on experience with Microsoft 365 security tools and email gateway platforms.
  • Familiarity with DNS filtering and protection solutions.
  • Proven success in leading awareness programs and advancing security maturity.
  • Strong grasp of Zero Trust, vulnerability management, endpoint protection, and automation.
  • Knowledge of security frameworks (NIST CSF, CIS Controls, ISO 27001, SOX).
  • Experience with multi-cloud environments and DevSecOps practices.
  • Scripting or automation skills (Python, PowerShell, Bash) preferred.
  • Relevant certifications such as:
    • CISSP, CISM, GIAC
    • Microsoft Cybersecurity Architect Expert or Security Operations Analyst
    • AWS Security Specialty
    • CompTIA Security+, CySA+, CASP+
    • Azure Security Engineer Associate
  • Excellent communication and leadership skills with the ability to influence across teams.

Job Tags

Similar Jobs