Job Title: Security Analyst 2 – Investigations, Litigation Holds, and Public Records Requests
Position Overview:
The Security Analyst 2 plays a critical role in managing and supporting organizational compliance and investigative efforts. This position is responsible for conducting detailed investigations into security incidents, managing litigation holds, and processing public records requests. The analyst ensures adherence to legal and regulatory requirements, organizational policies, and best practices for data security and privacy.
Key Responsibilities:
1. Investigations:
Conduct comprehensive investigations into security incidents, potential policy violations, and other events requiring organizational review.
Collect, analyze, and document evidence to support findings while maintaining chain-of-custody protocols.
Collaborate with internal and external stakeholders, such as HR, legal, and law enforcement, to resolve cases efficiently.
Prepare detailed investigation reports and recommend corrective actions or process improvements.
2. Litigation Holds:
Identify and secure relevant data and systems subject to litigation holds, ensuring preservation of electronic and physical evidence.
Develop and implement procedures for tracking, managing, and lifting litigation holds.
Communicate and coordinate with legal counsel to ensure compliance with court orders and discovery processes.
Monitor and audit compliance with hold requirements across the organization.
3. Public Records Requests:
Respond to and process public records requests in accordance with applicable laws and organizational policies.
Review and redact sensitive or confidential information while ensuring transparency and compliance.
Maintain accurate records of requests and responses for audit and reporting purposes.
Collaborate with legal, compliance, and operational teams to ensure timely and accurate fulfillment of requests.
Skills and Qualifications:
Education: College degree in cybersecurity, information technology, criminal justice, or a related field (or equivalent experience).
Experience: 1-3 years of experience in security operations, compliance, investigations, or a related role.
Technical Skills:
Knowledge of digital forensics, chain-of-custody procedures, and incident response.
Proficiency in eDiscovery tools, records management systems, and litigation hold software.
Familiarity with data protection regulations (e.g., HIPAA, GDPR, FOIA).
Soft Skills:
Strong analytical, organizational, and problem-solving abilities.
Excellent written and verbal communication skills for reports and stakeholder interactions.
Ability to handle sensitive information with integrity
Work Environment:
100% remote model, with the ability to handle confidential information in secure settings.
Collaborative interactions with legal, compliance, IT, and other organizational teams.
