Information Security Analyst

As a trusted global transformation partner, Welocalize accelerates the global business journey by enabling brands and companies to reach, engage, and grow international audiences. Welocalize delivers multilingual content transformation services in translation, localization, and adaptation for over 250 languages with a growing network of over 400,000 in-country linguistic resources. Driving innovation in language services, Welocalize delivers high-quality training data transformation solutions for NLP-enabled machine learning by blending technology and human intelligence to collect, annotate, and evaluate all content types. Our team works across locations in North America, Europe, and Asia serving our global clients in the markets that matter to them. www.welocalize.com
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Job Reference: #LI-JC1
The Information Security team plays a crucial role in ensuring the confidentiality, integrity, and availability of our systems and data.
The Information Security Analyst role is responsible for supporting the overall information security and privacy program needs for Welocalize.  This is an entry to mid-level position, requiring 1-3 years of experience in information security or related fields, who demonstrate a strong desire for continuous learning.
This role assists the Information Security Manager with building and continuously improving the security and privacy programs. This role has exposure to all aspects of information security while interacting with employees in multiple countries and at all organizational levels. Strong emotional intelligence, professionalism and easy communication styles are required.
Responsibilities                                                            

The following is a non-exhaustive list of responsibilities and areas of ownership of this position:

• Monitor security systems, tools, and dashboards to identify potential threats or vulnerabilities.
• Respond to cyber alerts/incidents from information security tools as a first responder.
• Assist in the analysis and investigation of security alerts, incidents, and breaches.
• Perform vulnerability scans and support the remediation of identified risks.
• Maintain and enforce security policies, procedures, and controls.
• Assist in the implementation of security awareness programs for employees.
• Support the management of user access controls and account reviews.
• Document and maintain records of security incidents and actions taken.
• Collaborate with IT teams to ensure systems comply with security standards and best practices.
• Stay updated on the latest cybersecurity trends, tools, and techniques.
• Identify and develop automations, integrations, and workflows around security monitoring, alerting, reporting, and remediation.
• Assist with internal and external information security and privacy audits.
• Assist with security awareness training and phishing campaigns.
• Keep abreast of relevant industry movements to provide recommendations for changes to enhance company security and prevent unauthorized access to systems or data.
• Assist as needed with Privacy Program requirements.

Education/Experience Requirements:

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field (or 2+ years of equivalent work experience).
• Knowledge of basic cybersecurity concepts, threats, and controls.
• Experience with security tools or technologies (e.g., antivirus, EDR/XDR, or SIEM) is a plus.

Desired Job Skills:

• Strong analytical and problem-solving skills.
• Excellent written and verbal communication abilities.
• Ability to work independently and as part of a team.
• Familiarity with security frameworks such as ISO 27001
• Basic understanding of network protocols, operating systems, and cloud security.
• Certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or similar (preferred but not mandatory).