Job Description
Be a Part of our Team! Join a working family that is dedicated to the mission of the work we do!
Teaching Strategies is an innovative edtech organization focused on connecting teachers, children, and families. As front runners in the early childhood education market, we build dynamic, top-quality digital products that integrate all of the essential elements of a high-quality solution: curriculum, assessment, professional development, and family engagement. We are building a team of results-oriented individuals who will thrive in a collaborative, work-hard/play-hard culture. We pride ourselves on the impact we have on the early childhood field through supporting teachers who are doing the most important work there is, teaching children to become creative, confident thinkers.
Position Overview We are looking for highly talented and innovative people with passion for both a great mission and technology to step into the Information Security Analyst role. This candidate will be working on the Security team, which is responsible for keeping our critical infrastructure secure while safeguarding sensitive data and intellectual property. A successful candidate will identify risks and vulnerabilities in our infrastructure and applications, develop and help implement solutions and risk mitigations.
Specific Roles & Responsibilities: The candidate will be responsible for supporting the development, implementation, and maintenance of our cybersecurity program. This role will analyze and assess cybersecurity risks; support the development and implementation of security policies and procedures and ensure compliance with relevant regulations and standards. The ideal candidate should have a strong foundation in cybersecurity principles, a willingness to learn, and a passion for ensuring the security and integrity of information systems.
Some of the responsibilities include:
- Take lead on prioritizing and addressing the security ticket backlog
- Research and gain an understanding of currently deployed vulnerability monitoring systems
- Evaluate configuration, make recommendations to improve
- Manage the security awareness training platform and conducting new-hire security onboarding
- Develop and execute phishing simulation campaigns to assess and improve employee awareness and response
- Analyze and prioritize a variety of security scan outputs, and risk such as:
- Dynamic Application Security Testing (DAST)
- Static Application Security Testing (SAST)
- External penetration test findings
- Container security scanner
- Vulnerability management tools
- Conduct assessments of cloud environments, leverage cloud service provider guidelines, CIS benchmarks, NIST standards and other security/compliance best practices and work with the product development team to create remediation or mitigation strategies
- Drive the user access audit review initiative
- Prepare and present detailed reports on security incidents, vulnerabilities, and compliance to management and other stakeholders
- Monitor, track and report on the status of information requests related to IT audit engagements (SOC2 Type II, ISO 27001) and organization-wide processes
- Assist with analyzing security logs and optimize alerts from vulnerability monitoring systems
- Coordinate with Manager of Information Security on 3rd Party risk management, vendor evaluations and profiling
- Work with Development, Platform Engineering, Site Reliability and IT teams to assist with the entire risk lifecycle and see vulnerabilities to a timely resolution
Qualifications: - At least 3 years of relevant IT work experience
- At least 2 years of hands-on experience with vulnerability management processes
- Hands-on experience with risk assessment and mitigation in cloud environments (AWS and GCP)
- Working knowledge of popular container orchestration services (AWS ECS, EKS)
- Strong knowledge of web application security issues
- Familiarity with secure coding practices and the OWASP Top10
- Understanding of serverless compute technology (AWS Lambda, API Gateway)
- Working knowledge of the various operating systems (Windows, MacOS, Linux)
- Experience with a ticket management system to collect, document and maintain information pertinent to security investigations and incidents
- Excellent verbal and written communications skills and ability produce clear and thorough security incident reports and briefings
- Strong understanding of cybersecurity principles, best practices, and industry standards
- Ability to be hands on and drive solutions to completion
- Excellent problem-solving and analytical skills
- Strong communication and collaboration abilities
- Commitment to following security, accessibility and performance best practices
- Strong sense of collaboration, teamwork, and accountability
- Self-starter and ability to communicate effectively remotely
Why Teaching Strategies At Teaching Strategies, our solutions and services are only as strong as the teams that create them. By bringing passion, dedication, and creativity to your job every day, there's no telling what you can do and where you can go! We provide a competitive compensation and benefits package, flexible work schedules, opportunities to engage with co-workers, access to career advancement and professional development opportunities, and the chance to make a difference in the communities we serve.
Let's open the door to your career at Teaching Strategies!
Some additional benefits & perks while working with Teaching Strategies Teaching Strategies offers our employees a robust suite of benefits and other perks which include:
- Competitive compensation package
- Employee Equity Appreciation Program
- Health and wellness insurance benefits
- 401k with employer match
- Flexible work environment
- Unlimited paid time off (which includes paid holidays and Winter Break)
- Paid parental leave
- Tuition assistance, professional development, and opportunities for career growth
- Best in class technology equipment for every employee
- Penthouse suite in downtown DC seconds away from Washington Nationals Stadium and Audi Field
Teaching Strategies, LLC is committed to creating a diverse workplace and is proud to be an equal opportunity employer of Minorities, all Genders, Protected Veterans, and Individuals with Disabilities.
Job Tags
Holiday work, Work experience placement, Flexible hours,