Information Security Analyst

Position Overview 

The information security analyst implements and runs advanced security controls, defenses, and countermeasures to proactively detect, intercept, and prevent internal and external threats targeting company data and systems. They will configure and maintain complex cybersecurity systems, and regularly engages with larger Information Technology team to ensure secure and resilient infrastructure. In this role they will administer and enforce cybersecurity policies to safeguard physical and virtual access across the enterprise.

The information security analyst will conduct security audits, participate in penetration tests, and contribute to comprehensive vulnerability assessments to evaluate and enhance system security configurations, ensuring compliance with internal standards and external regulations. 

They will respond to cybersecurity incidents in coordination with IT staff and cybersecurity incident response team by identifying, containing, and mitigating threats, and supports post-incident root cause analysis and remediation efforts. The information security analyst will  continuously monitor emerging threats and trends while contributing to the selection and deployment of innovative security solutions aligned with organizational goals.

Essential Functions

• Promptly responds to SOC alerts and investigates reports from employees of suspicious activity
• Evaluates, recommends, implements, and administers security solutions to protect the confidentiality, integrity, and availability of information in alignment with core objectives of the cybersecurity program.
• Facilitates regular cybersecurity awareness training and timely cybersecurity policy reviews
• Evaluates and supports implementation of robust security controls and countermeasures, such as access management protocols, encryption solutions, and firewall configurations, to proactively mitigate vulnerabilities.
• Communicates cybersecurity program status and objectives through various media across a broad internal audience 
• Serves as a primary responder for cybersecurity incidents, performing detailed investigations, containment, and eradication efforts, and prepares post-incident reports with root cause analysis and lessons learned.
• Continuously monitors the cybersecurity landscape, staying abreast of emerging threats, tools, and best practices, and integrates findings into the organization’s security strategy.
• Ensures organizational compliance with applicable laws, standards, and regulatory frameworks (e.g., NIST, HIPAA, ISO 27001), in coordination with the Manager, Information Security.
• Partners with the Manager, Information Security to provide oversight to incident response and disaster recovery plans to ensure business continuity in the event of a cybersecurity breach.
• Acts as a subject matter resource in cross-functional projects involving information security, contributing technical expertise and aligning solutions with enterprise security goals.

Job Requirements

Education, Experience, Licenses

• High School Diploma
• Bachelor’s degree (BA/BS) in Computer Science, Information Systems, Cybersecurity, Software Engineering or a related discipline or equivalent work experience
• 3+ years of work experience within cybersecurity
• Knowledge of cybersecurity technologies, best practices, and emerging threats
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Knowledge, Skills, Abilities:  

• Strong attention to detail with the ability to prioritize and manage multiple tasks and projects
• Technical proficiency in cybersecurity tools, methodologies, and best practices to support and enhance enterprise IT and cyber operations.
• Demonstrated analytical and critical thinking skills with the ability to assess complex security risks and their potential impact on business operations.
• Skilled in clearly communicating technical information, security risks, and recommendations to both technical and non-technical audiences in written and verbal formats.
• Proven ability to work independently and collaboratively within cross-functional teams, demonstrating initiative and accountability in problem-solving.
• Builds and maintains productive working relationships across departments, actively contributing to a collaborative and security-conscious organizational culture.
• Strong interpersonal and consultative skills, with the ability to translate cybersecurity insights into actionable business solutions
• Commitment to continuous learning and staying current on cybersecurity trends, technologies, and regulatory requirements.
• Professional integrity and a strong work ethic

Work environment & Physical Demands

• Inside climate-controlled office building
• Prolonged sitting and using a PC
• Ability to lift 25lbs
• <5% travel

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Department Overview

The Information Technology Department works closely with internal and external business partners using their subject matter expertise to strategically invest in information systems and infrastructure across the enterprise. Flexible and adaptive to customer needs, the Information Technology Team takes a broad view of the HAI Group enterprise; contributing research and development to strengthen and add value to business operations. Information Technology develops its team in both the technical and leadership career paths to support customers while meeting the development needs of the team. Highly responsive, the team continually explores best practices and their application to growing the HAI Group enterprise.     

Company Overview

HAI Group®[1], is the nation’s leading property-casualty insurance company founded by and dedicated to affordable housing organizations. While we are recognized as a pioneer of affordable housing insurance programs, insurance is not our only strength. We protect, preserve, and promote the sustainability of affordable housing with an array of products and services that support the challenges housing organizations face. Besides insurance, we offer risk management services, online training, and consulting services used by more than 1,500 housing organizations nationwide. Headquartered in Cheshire, Connecticut, HAI Group® was recognized as a Top Workplace in 2020, 2021, 2022, 2023 and 2024.

Cultural Objective

HAI Group contributes to a culture that creates a safe and healthy working environment and a space of inclusiveness and belonging for all by: exceeding our customers’ expectations, working collaboratively across the organization, embracing diversity, and demonstrating mutual respect and empathy.

HAI Group Benefits and Perks

• Bonus program eligibility
• Annual merit program
• Outstanding 401(k) program and non-elective contribution
• Flexible work schedules
• Generous paid time off, paid volunteer days and paid holidays
• Medical, vision and dental Insurance 
• Company paid life, AD&D, short-term disability, and long-term disability coverage
• HSA, FSA and dependent care options
• On-Site wellness: Full gym and locker rooms, wellness initiatives, outdoor basketball and tennis court, picnic pavilion area
• Tuition reimbursement and loan repayment
• Professional development 
• Community outreach 

HAI Group is an Equal Opportunity Employer.

No agency submissions please. Resumes submitted to any HAI Group employee without a current, signed and valid contract in place with the HAI Group Recruiting team for this position will become the property of HAI Group and no agency fees will be paid.