Join Laserfiche as an Information Security Analyst I and play a hands-on role in defending the systems that power a global leader in digital transformation. In this dynamic position, youll dive into real security operationsmonitoring, detection engineering, vulnerability management, and security configurationwhile helping grow the enterprise security program.
Youll work across cloud and on-prem environments, implementing and continuously improving security controls that safeguard critical applications, data, and infrastructure. This is a highly collaborative role where youll partner with teams across ITS, the Business Transformation Office, GRC, Development, and more to ensure Laserfiches security posture is strong, scalable, and aligned with business goals.
If youre passionate about hands-on security work, eager to learn, and excited to make a direct impact on enterprise protection, this role offers the opportunity to grow, innovate, and contribute from day one.
Location:
Hybrid: Three days per week (Tuesday, Wednesday and Thursday) in-office in Long Beach, CA
Remote work from home on Mondays and Fridays
Periodic after-hours support may be required for security incidents or maintenance activities.
About the Role - Key Responsibilities:
Security Engineering and Control Implementation
Configure and manage security tools including endpoint detection and response (EDR), SIEM, vulnerability management platforms, email security, identity and access management (IAM) and other security technologies.
Support ITS and Development teams in integrating security controls into system architecture and deployment workflows.
Assist in the evaluation and implementation of new security technologies to enhance prevention, detection and response capabilities.
Safeguard Laserfiche information in accordance with Laserfiche Information Security Policies.
Security Monitoring and Incident Response
Monitor security events and alerts from SIEM, EDR, cloud-native logging tools and other detection platforms.
Perform triage, investigation and root cause analysis of security incidents and suspicious activity.
Support incident response efforts in coordination with ITS and business stakeholders.
Develop and tune detection rules, alerts and automated response playbooks to improve security visibility and reduce false positive rates.
Document incidents, response actions and lessons learned to strengthen operational maturity.
Participate in tabletop exercises and incident response testing activities.
Vulnerability Management and Threat Mitigation
Perform recurring vulnerability scans across infrastructure, endpoints, applications and cloud environments.
Validate findings, prioritize remediation based on risk and track mitigation progress with system owners.
Conduct configuration reviews and security assessments of systems and cloud resources.
Stay current on emerging threats, vulnerabilities and exploit techniques, and recommend appropriate countermeasures.
Partner with ITS and Development teams to drive timely remediation of security findings.
Cloud and Identity Security
Support security configuration and monitoring of cloud and SaaS environments including AWS, Microsoft 365 and Okta.
Review IAM roles, policies and permissions to enforce least privilege and proper access controls.
Assist in the secure implementation of new cloud services and infrastructure changes.
Collaboration, Documentation and Continuous Improvement
Contribute to security awareness initiatives, including phishing simulations, training content and employee communications to promote a security-conscious culture.
Provide technical security guidance to internal stakeholders and assist in responding to security-related customer or vendor inquiries.
Support internal audits and compliance initiatives by gathering technical evidence of control implementation.
Participate in risk assessments, vendor reviews and architecture design discussions.
Help refine security policies, standards and procedures based on operational experience.
About You - Essential Qualifications:
Bachelors degree in cybersecurity, information systems, computer science or related field.
Experience in security operations, information security or a related technical role.
Relevant certifications such as Splunk, Security+, CySA+, BTL1, PSAA or AWS Cloud Practitioner are preferred.
Experience supporting on-premises, hybrid and cloud environments.
Foundational understanding of security operations, including monitoring, incident response and vulnerability
