[Remote] Sr Information Security Analyst
Note: The job is a remote job and is open to candidates in USA. SageNet is a managed services provider focused on connectivity and digital experiences for enterprises. The Senior Information Security Analyst will execute and mature the information security program, overseeing security operations, governance, risk, and compliance activities while collaborating with various teams to ensure security controls are effective.ResponsibilitiesOversee SIEM alert tuning, investigation, triage, and escalation in coordination with SOC providersServe as the primary incident response coordinator during security events, including investigation, documentation, and follow-upDevelop and deliver security awareness and training initiativesMaintain operational security metrics and prepare reporting for leadershipPartner with IT and system owners to manage IAM controls, access reviews, and privileged access governanceAct as a subject matter expert for secure network architecture, including firewalls, VPNs, SD-WAN, wireless, and authentication systemsLead firewall and network security review processes to ensure alignment with internal policies and PCI DSS requirementsServe as the primary security stakeholder for internally developed and customer-facing applicationsDefine and maintain application security requirements aligned with PCI DSS 4.0, OWASP ASVS, and secure SDLC practicesPartner with development and engineering teams to integrate security into the software development lifecycleReview application designs and architectures for security risks related to authentication, authorization, data handling, and segmentationOversee application vulnerability management activities, including SAST, DAST, and software composition analysis (SCA)Coordinate remediation, risk acceptance, and exception tracking for application security findingsSupport and validate application-layer penetration testing and remediation effortsAct as a security escalation point for application-related incidentsOwn the end-to-end vulnerability management lifecycle across infrastructure and applicationsCoordinate remediation efforts with Network Engineering, IT Infrastructure, Operations, and Development teamsConduct targeted risk assessments and support enterprise risk management activitiesLead coordination of PCI DSS compliance activities, including evidence collection, control validation, and engagement with external QSAsManage the lifecycle of security policies and procedures, ensuring alignment with regulatory and business requirementsSupport customer, regulatory, and internal audit activitiesSkills5+ years of experience in information security, network security, or security governance rolesBachelor's degree in information security, Computer Science, MIS, or equivalent professional experienceAt least one security certification is required (e.g., Security+, CySA+, SSCP, GSEC)Strong working knowledge of vulnerability management tools, SIEM platforms, and log analysisSolid understanding of firewall architectures and access control review methodologiesWorking knowledge of PCI DSS 4.0 and managed service provider shared-responsibility modelsStrong understanding of application security principles, including common web vulnerabilities (OWASP Top 10)Experience coordinating remediation efforts across technical and non-technical teamsExcellent communication, documentation, and analytical skillsAbility to independently manage multiple priorities in a fast-paced environmentAdvanced security certifications such as CISSP, CISM, ISA/QSA, or equivalentFamiliarity with SD-WAN, WAF, IDS/IPS, VPN, identity management, and network segmentationExperience supporting or reviewing SAST, DAST, and penetration testing activitiesComfortable serving as a functional lead and escalation point across security domainsCompany OverviewSageNet is a leading provider of managed network and cybersecurity services to many of the nation’s largest retailers, healthcare. It was founded in 1998, and is headquartered in Tulsa, Oklahoma, USA, with a workforce of 201-500 employees. Its website is http://www.sagenet.com/.Company H1B SponsorshipSageNet has a track record of offering H1B sponsorships, with 1 in 2025, 2 in 2024, 3 in 2023, 2 in 2022, 6 in 2021, 4 in 2020. Please note that this does not guarantee sponsorship for this specific role.