100% REMOTE MUST BE U.S. BASED

When you join Turnitin, you'll be welcomed into a company that is a recognized innovator in the global education space. For more than 20 years, Turnitin has partnered with educational institutions to promote honesty, consistency, and fairness across all subject areas and assessment types. Over 16,000 academic institutions, publishers, and corporations use our services: Gradescope by Turnitin, iThenticate, Turnitin Feedback Studio, Turnitin Originality, Turnitin Similarity, ExamSoft, and ProctorExam.

Turnitin has offices in Australia, India, Indonesia, Japan, Korea, Mexico, the Netherlands, the Philippines, Ukraine, the United Kingdom, and the United States. Our diverse community of colleagues are all unified by a shared desire to make a difference in education. Come join us, and let's make change together.

We are looking for someone who brings passion, security experience, attention to detail, and the willingness to continuously learn. You will work within the Information Security & Compliance team and report directly to the Information Security Manager where you will have an opportunity to shape the security operations function for the global leader in educational technology. If you are passionate about security and have the desire to work for a mission-based company we would love to hear from you.  

As an Information Security Analyst, you will provide support to protect Turnitin’s digital networks and information, your duties and responsibilities will include:

• Monitor, triage, and investigate security events and incidents from a wide variety of cybersecurity technologies, including; Endpoint Detection and Response (EDR), Email Protection, and Security Information and Event Management (SIEM)
• Perform event correlation using information gathered from a variety of sources within the enterprise to continuously improve detection 
• Assist with vulnerability scanning by analyzing scan results and helping drive remediation with teams outside of Information Security & Compliance
• Provide support in obtaining and maintaining compliance with CIS and NIST standards 
• Support the maintenance of incident response documentation including the Incident Response Plan, Incident Response Playbooks, etc
• Partner with various stakeholders to improve security maturity and awareness across the business 
• Support end-to-end incident response activities related to a wide variety of security risks and threats, including but not limited to, ransomware, system compromise, account takeover and phishing

• 3-5 years experience in Information Security
• Bachelor's degree or equivalent industry experience
• Demonstrated experience working within a Security Operations function
• Experience in securing cloud platforms (AWS, GCP, or Azure)
• Strong knowledge of endpoint security best practices (Windows and/or MacOS)
• Working knowledge of networking and firewall concepts 
• Experience in configuring and using a variety of security tools (IAM solutions, IDS/IPS, Vulnerability Scanners, SIEM, EDR / XDR solutions, Secure Email Gateways, and Log Management Systems) and understanding of best practices relating to their use.
• Exposure to incident management with the ability to investigate and remediate security incidents and threats
• Knowledge of CIS & NIST frameworks 
• Strong verbal, written, and interpersonal communication skills 
• Must embody a passion for learning to continually improve themselves and those around them

Preferred Qualifications

• Awareness of industry security standards (SOC2, FedRamp / StateRamp, ISO 27001)
• Threat Hunting experience 
• Understanding of security principles with the ability to communicate security concepts to non-technical and technical audiences with ease
• Previous experience coordinating penetration tests
• Demonstrate innovative security approaches in non-traditional IT environments
• Have experience generating automated metrics to measure service and program effectiveness and consistency
• Have experience in the management of security products
• Relevant industry security certifications (Certified Ethical Hacker (CEH), GIAC Certified Detection Analyst (GCDA),  CompTIA Security+, GIAC Certified Incident Handler (GCIH))

Our Mission is to ensure the integrity of global education and meaningfully improve learning outcomes. 

Our Values underpin everything we do.

• Customer Centric - We realize our mission to ensure integrity and improve learning outcomes by  putting educators and learners at the center of everything we do.

• Passion for Learning - We seek out teammates that are constantly learning and growing and build a workplace which enables them to do so.

• Integrity - We believe integrity is the heartbeat of ExamSoft. It shapes our products, the way we treat each other, and how we work with our customers and vendors.

• Action & Ownership - We have a bias toward action and empower teammates to make decisions.

• One Team - We strive to break down silos, collaborate effectively, and celebrate each other’s successes.

• Global Mindset - We respect local cultures and embrace diversity. We think globally and act locally to maximize our impact on education.

Turnitin, LLC is committed to the policy that all persons have equal access to its programs, facilities and employment. We strongly encourage applications from people of color, persons with disabilities, women, and the LGBTQ+ community, regardless of age, gender, religion, marital or veterans status.