Fast Facts

Instructure is seeking an IT Security Analyst responsible for safeguarding digital assets by preventing, detecting, and responding to cybersecurity threats, while developing and maintaining security protocols.

Responsibilities: Conduct risk assessments, vulnerability management, develop security policies, monitor security operations, and deliver security training programs.

Skills: Proficiency in security frameworks, experience with security tools and technologies, strong understanding of network protocols, and incident response methodologies.

Qualifications: Bachelor's degree in IT, Computer Science, or Cybersecurity, and at least 1 year of relevant experience.

Location: Salt Lake City, UT

Compensation: $70000 - $85000 / Annually

At Instructure, we believe in the power of people to grow and succeed throughout their lives. Our goal is to amplify that power by creating intuitive products that simplify learning and personal development, facilitate meaningful relationships, and inspire people to go further in their education and careers. We do this by giving smart, creative, passionate people opportunities to create awesome. 

And that's where you come in:

The IT Security Analyst is a critical member of our Information Technology department, responsible for safeguarding the confidentiality, integrity, and availability of our organization's digital assets. This role focuses on the proactive prevention, vigilant detection, and effective response to cybersecurity threats. The IT Security Analyst will be instrumental in developing, implementing, and maintaining robust security protocols, systems, and procedures to protect our networks, systems, applications, and data from evolving cyber risks.

What you will do:

• Risk & Vulnerability Management:
• Conduct comprehensive risk assessments and security audits of IT infrastructure, applications, and processes to identify vulnerabilities and potential threats.
• Perform regular vulnerability scanning and coordinate penetration testing efforts.
• Analyze assessment results, prioritize identified risks, and recommend appropriate mitigation strategies and security enhancements.
• Collaborate with IT teams to ensure timely remediation of security vulnerabilities.
• Security Architecture & Engineering:
• Contribute to the design and implementation of secure IT systems, networks, and applications, ensuring security best practices are integrated from the initial stages of development.
• Configure, maintain, and optimize security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), Security Information and Event Management (SIEM) systems, antivirus/anti-malware solutions, data encryption tools, and identity and access management (IAM) systems.
• Policy & Compliance:
• Develop, implement, and enforce information security policies, standards, guidelines, and procedures in alignment with industry best practices and regulatory requirements (e.g., [mention relevant regulations like ISO 27001, NIST, GDPR, HIPAA if applicable]).
• Conduct security compliance audits to ensure adherence to internal policies and external regulations.
• Maintain detailed documentation of security configurations, incidents, and remediation efforts.
• Security Operations & Incident Response:
• Continuously monitor security logs, network traffic, and security alerts from SIEM systems and other security tools to detect anomalous or malicious activity.
• Act as a primary responder for cybersecurity incidents, including investigation, containment, eradication, recovery, and post-incident analysis.
• Develop and refine incident response plans and playbooks.
• Participate in on-call rotation for critical security incidents as required.
• Security Awareness & Training:
• Develop and deliver security awareness training programs to educate employees on cybersecurity risks, phishing prevention, data protection, and secure computing practices.
• Promote a strong security-conscious culture across the organization.
• Research & Continuous Improvement:
• Stay current with the latest cybersecurity threats, trends, vulnerabilities, and technological advancements.
• Evaluate new security technologies and solutions to enhance the organization's security posture.
• Recommend improvements to existing security systems and processes.

What you will need to know/have

• Education:
• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field. (Relevant work experience may be considered in lieu of a degree).
• Experience:
• At least 1 year of experience in an IT Security Analyst, Information Security Specialist, or similar role.
• Proven experience with security frameworks (e.g., NIST, ISO 27001).
• Hands-on experience with security tools such as SIEM, IDS/IPS, vulnerability scanners, firewalls, and endpoint protection solutions.
• Technical Skills:
• Strong understanding of network protocols, operating systems (Apple, Windows, Linux), and cloud environments (e.g., AWS, Azure, GCP if applicable).
• Proficiency in identifying and mitigating common web application vulnerabilities (e.g., OWASP Top 10).
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation and analysis is a plus.
• Knowledge of incident response methodologies.
• Soft Skills:
• Excellent analytical and problem-solving skills with a keen attention to detail.
• Strong communication skills (written and verbal) to articulate complex security concepts to technical and non-technical audiences.
• Ability to work independently and collaboratively in a team environment.
• Proactive and self-motivated with a strong sense of ownership and urgency.
• Ability to manage multiple priorities in a fast-paced environment.

It would be a bonus if you also had:

• CompTIA Security+
• (ISC)² SSCP, CISSP
• EC-Council CEH (Certified Ethical Hacker)
• GIAC certifications (e.g., GSEC, GCIA, GCIH)

Get in on all the awesome at Instructure!

• We offer competitive, meaningful benefits in every country where we operate. While they vary by location, here's a general idea of what you can expect:
• Competitive compensation and participation in Instructure’s equity program
• Flexible schedules and a remote-friendly culture, with hybrid or onsite work available in some regions for specific jobs. 
• Generous paid time off, including global holidays and our annual “Dim the Lights” company-wide shutdown from December 26 to December 31
• Comprehensive wellness programs and mental health support
• Annual learning and development stipends to support your growth
• The technology and tools you need to do your best work—typically a Mac, with PC options available in some locations
• Motivosity employee recognition program
• A culture rooted in inclusivity, support, and meaningful connection

$70,000 - $85,000 a year

This range reflects our target hiring range, with flexibility based on experience, skills, and market factors.

We’ve always believed in hiring the most awesome people and treating them right. We know that the more diverse we are, the more diverse our ideas will be — and when we openly welcome those ideas, our environment is better and our business is stronger.

At Instructure we participate in E-Verify and yes, in case you didn't catch it from the above, we are an Equal Opportunity Employer.

All Instructure employees are required to successfully pass a background check upon being hired.