Security Analyst

Security Analyst Dymin Systems - 5.0 Urbandale, IA Job Details Full-time $68,000 - $95,000 a year 4 days ago Benefits Paid holidays Health insurance Dental insurance Paid time off Retirement plan Qualifications Endpoint Security Report writing Achieving HIPAA compliance Vulnerability assessment tools

SOC 2 HIPAA

CompTIA CySA+ Mid-level Threat detection & response Driver's License Policy & process development System risk assessment (security system operation) NIST standards Driving Incident Investigation Vulnerability scanning DNS Third-party risk management Vulnerability management IT SIEM Log analysis CompTIA Security+ Incident response implementation 2 years Vendor risk management Communication skills IT security monitoring Full Job Description Dymin Systems is a leading Managed Service Provider (MSP) committed to delivering top-tier IT solutions to our clients and an exceptional workplace for our team. We're looking for a Security Analyst who is passionate about cybersecurity, thrives in a fast-paced multi-client environment, and takes pride in protecting businesses and the people who rely on them. This is a unique opportunity to be the first dedicated security role within Dymin's Managed Services department — building and executing a security practice that directly supports both our MSP client base and our fractional vCISO service offering. You'll work closely with the CIO on strategic security deliverables and with the Director of Managed Services on day-to-day operations and priorities.

POSITION SUMMARY

The Security Analyst at Dymin Systems serves as the primary executor of security-focused managed services delivery and recurring vCISO program tasks. This role exists to take security operations and deliverable execution off the CIO's plate, enabling the CIO to focus on client relationships, strategy, and program oversight. The Security Analyst is the first dedicated security position within the Managed Services department, reporting directly to the Director of Managed Services, with close day-to-day coordination with the CIO on all vCISO-related work.

KEY RESPONSIBILITIES MSP

Security Operations Monitor, triage, and respond to security alerts across client environments using SIEM, EDR, and other security tooling in the Dymin stack Conduct vulnerability scans and assessments across managed client environments; track and coordinate remediation with internal and client teams. Manage and review security tooling configurations, policies, and alerts for assigned clients. Support incident response activities including investigation, containment, documentation, and client communication; escalate incidents exceeding scope to the Director of Managed Services. Perform regular log reviews, threat hunting, and anomaly analysis across client environments. Administer and maintain endpoint protection, email security, DNS filtering, and privileged access tools across the MSP client base. vCISO Program Execution Prepare and execute recurring deliverables under the vCISO service offering, including risk assessments, security awareness content, policy reviews, compliance tracking, and security roadmap updates — materials are prepared by this role and presented to clients by the CIO. Prepare client-facing security reports, risk registers, and program documentation for CIO review and delivery. Support

HIPAA, NIST

CSF, and CIS Controls compliance activities on behalf of clients. Coordinate vendor risk assessments and track findings through remediation. Assist with tabletop exercise preparation and incident response plan development and maintenance. Maintain all security program artifacts, documentation, and deliverable logs across the vCISO client portfolio. Internal Security Support Assist the CIO with internal Dymin security initiatives, tooling evaluations, and policy development. Support phishing simulations and internal security awareness program execution. Contribute to the development and maintenance of Dymin's internal security posture documentation. Emergency Incident Response Available for emergency response to critical security incidents outside normal business hours as needed. This is not a scheduled on-call role, but emergency response to genuine critical events is expected.

QUALIFICATIONS

Required 2-4 years of experience in a security-focused IT role, ideally within an MSP or multi-client environment. Working knowledge of security frameworks (NIST

CSF, CIS

Controls, HIPAA) and their practical application. Hands-on experience with EDR, email security, SIEM, and vulnerability management tools. Familiarity with Microsoft 365 security Strong written and verbal communication skills — ability to prepare polished, client-facing security reports and documentation for executive presentation. Ability to manage multiple client priorities simultaneously and work independently without daily supervision. Valid driver's license and proof of auto insurance. Preferred Security certifications such as CompTIA Security+, CySA+, or equivalent. Experience supporting vCISO or fractional security programs. Experience with HaloPSA or similar PSA/ticketing platforms. Exposure to

HIPAA, SOC

2, or FINRA compliance environments.

KEY RESPONSIBILITIES

Alert response and triage SLA compliance vCISO deliverable on-time completion rate Vulnerability remediation rate within defined timelines Client security program documentation completeness and accuracy Internal security posture improvement milestones Benefits Health and dental insurance Retirement savings plan with company match after 1 year Generous paid time off and holidays Opportunities for professional development and continued education