Santiago, Dominican Republic
5 days ago
Cybersecurity Analyst
JOB TITLE: Cybersecurity Analyst
LOCATION: Santiago DR

GENERAL DESCRIPTION OR PURPOSE OF JOB:

The Cybersecurity Analyst – SOC is a mid-level role responsible for supporting the detection, analysis, escalation, and remediation of cyber threats across Jostens. This position plays a key part in security operations, including log monitoring, incident response, and threat analysis. Analysts at this level are expected to handle incidents of moderate complexity independently and escalate higher-severity issues as needed.

The role involves working with security tools such as SIEM, endpoint protection, IDS/IPS, vulnerability scanners, and related platforms. The analyst collaborates with IT, Legal, Privacy, Audit, and other business functions to support cybersecurity operations and continuous improvement of Jostens’ security posture.

RESPONSIBILITIES / ESSENTIAL FUNCTIONS:

Threat Analysis and Security Event Monitoring

- Monitor security alerts and logs for potential threats using security tools.
- Correlate data from multiple sources to identify suspicious activity.
- Analyze malicious activity to determine methods, impact, and potential remediation.
- Assist in tuning security rules and log onboarding.
- Assist in managing security operations tools such as endpoint detection, vulnerability management, email security and attack surface management.
- Stay informed on current threats, vulnerabilities, and TTPs relevant to the organization.

Alert/Incident Response

- Respond to and investigate security alerts and incidents of low-to-moderate severity.
- Participate in the full incident response lifecycle: detection, containment, eradication, recovery, and lessons learned.
- Participate in incident response operations and the development of standard operating procedures, runbooks and related templates. Recommend process improvements.
- Assist with static and dynamic malware analysis to support InfoSec defenses and understanding of threat actor TTPs.
- Escalate high-severity or complex incidents to senior staff as appropriate.
- Assist in root cause investigations.
- Support coordination across IT, Legal, and other stakeholders during active investigations.

Documentation, Metrics and Reporting

- Document investigation steps, incident findings, and response efforts.
- Contribute to SOC runbooks, response plans, and knowledge bases.
- Assist in audit support and compliance activities (e.g., PCI, SOX, Privacy).
- Participate in post-incident reviews and suggest improvements to processes and tooling.
- Support data acquisition for legal holds.
- Report common and repeated problems (trend analysis) to the SOC Team lead and propose process and technical improvements.
- Provide metrics to measure the effectiveness of the incident response program at the request of Security leadership and the SOC lead.

Other

- Provide evidence for compliance activities, such as SOX, PCI, Data Privacy.
- Identify process improvement opportunities where available to shape the future of Jostens' cybersecurity posture.
- Participate in tabletop exercises and threat simulation activities.
- Collaborate with team members on new security use case development.
- Stay up to date with cybersecurity trends and best practices.

Required:

- Minimum 3 years of experience in a combination of Incident Response, Information Security or Information Technology roles.
- Bachelor’s degree in Information Security, Computer Science, Information Management Systems, or related work experience required.
- Foundational knowledge of incident response standards and information security incident management.
- Foundational knowledge of information security concepts and technologies such as: networking, network segmentation, vulnerability scanners, firewalls, IPS/IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.
- Understanding of current threats and exploits, including experience with threat detection, analysis, and remediation.
- Ability to triage, define criticality, and resolve or escalate alerts.
- Experience with Windows and Linux servers, IDS/IPS, A/V, SIEMs, DLP, firewalls and workstations.
- Working knowledge of email messaging flow.
- Working knowledge of Microsoft 365, Okta, Duo, Microsoft Azure and Active Directory.
- Experience using automation and scripting (PowerShell) to monitor systems.
- Knowledge and/or experience in threat hunting.
- Working knowledge of intrusion detection and prevention, data loss prevention and vulnerability management.
- Working knowledge of application architectures, platforms, and protocols, and their inherent security strengths and weaknesses.
- Ability to troubleshoot and problem-solve to address critical security issues.
- Ability to communicate technical information in understandable business terms.

Preferred:

- Professional security management certification is desirable, such as Cyber Security Analyst (CySA+), Systems Security Certified Practitioner (SSCP), Certified Hacking Forensic Investigation (CHFI), GFCA Certified Forensic Analyst (GIAC) or other similar credentials.