Cybersecurity Analyst
Jostens
JOB TITLE: Cybersecurity Analyst
LOCATION: Santiago DR
GENERAL DESCRIPTION OR PURPOSE OF JOB:
The Cybersecurity Analyst – SOC is a mid-level role responsible for supporting the detection, analysis, escalation, and remediation of cyber threats across Jostens. This position plays a key part in security operations, including log monitoring, incident response, and threat analysis. Analysts at this level are expected to handle incidents with moderate complexity independently and escalate higher-severity issues as needed.
The role involves working with security tools such as SIEM, endpoint protection, IDS/IPS, vulnerability scanners, and related platforms. The analyst collaborates with IT, Legal, Privacy, Audit, and other business functions to support cybersecurity operations and the continuous improvement of Jostens’ security posture.
RESPONSIBILITIES / ESSENTIAL FUNCTIONS:
Threat Analysis and Security Event Monitoring
+ Monitor security alerts and logs for potential threats using security tools
+ Correlate data from multiple sources to identify suspicious activity
+ Analyze malicious activity to determine methods, impact, and potential remediation
+ Assist in tuning security rules and log onboarding
+ Assist in managing security operations tools such as endpoint detection, vulnerability management, email security, and attack surface management
+ Stay informed on current threats, vulnerabilities, and TTPs relevant to the organization
Alert/Incident Response
+ Respond to and investigate security alerts and incidents of low-to-moderate severity
+ Participate in the full incident response lifecycle: detection, containment, eradication, recovery, and lessons learned
+ Participate in incident response operations and in the development of standard operating procedures, runbooks, and related templates; recommend process improvements
+ Assist with static and dynamic malware analysis to support InfoSec defenses and the understanding of threat actor TTPs
+ Escalate high-severity or complex incidents to senior staff as appropriate
+ Assist in root cause investigations
+ Support coordination across IT, Legal, and other stakeholders during active investigations
Documentation, Metrics and Reporting
+ Document investigation steps, incident findings, and response efforts
+ Contribute to SOC runbooks, response plans, and knowledge bases
+ Assist in audit support and compliance activities (e.g., PCI, SOX, Privacy)
+ Participate in post-incident reviews and suggest improvements to processes and tooling
+ Support data acquisition in support of legal holds
+ Report common and repeated problems (trend analysis) to the SOC team lead and propose process and technical improvements
+ Provide metrics to measure the effectiveness of the incident response program at the request of security leadership and the SOC lead
Other
+ Provide evidence for compliance activities, such as SOX, PCI, and data privacy
+ Identify process improvement opportunities where available to shape the future of Jostens’ cybersecurity posture
+ Participate in tabletop exercises and threat simulation activities
+ Collaborate with team members on new security use case development
+ Stay up to date with cybersecurity trends and best practices
Required:
+ Minimum 3 years of experience in a combination of Incident Response, Information Security, or Information Technology roles
+ Bachelor’s degree in Information Security, Computer Science, Information Management Systems, or equivalent work experience required
+ Foundational knowledge of incident response standards and information security incident management
+ Foundational knowledge of information security concepts and technologies such as: networking, network segmentation, vulnerability scanners, firewalls, IPS/IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.
+ Understanding of current threats and exploits to include experience with threat detection, analysis, and remediation
+ Ability to triage, define criticality, and resolve or escalate alerts
+ Experience with Windows and Linux servers, IDS/IPS, A/V, SIEMs, DLP, Firewalls and workstations
+ Working knowledge of email messaging flow
+ Working knowledge of Microsoft 365, Okta, Duo, Microsoft Azure and Active Directory
+ Experience using automation and scripting (PowerShell) to monitor systems
+ Knowledge and/or experience in threat hunting
+ Working knowledge of intrusion detection/prevention, data loss prevention, and vulnerability management
+ Working knowledge of application architectures, platforms, and protocols; and their inherent security strengths and weaknesses
+ Ability to troubleshoot and problem solve to address critical security issues
+ Ability to communicate technical information in understandable business terms
Preferred:
+ Professional security certification is desirable, such as CompTIA Cybersecurity Analyst (CySA+), Systems Security Certified Practitioner (SSCP), Computer Hacking Forensic Investigator (CHFI), GIAC Certified Forensic Analyst (GCFA), or other similar credentials