Senior Information Security Analyst
Company: Vesync
Location: Tustin
Posted on: February 17, 2026
|
|
|
Job Description:
Job Description Job Description The Company: VeSync is a
portfolio company with brands that cover different categories of
health & wellness products. We wouldn’t be surprised if you have
one of our Levoit air purifiers in your living room or a COSORI air
fryer whipping up healthy and delicious meals for you every night.
We’re a young and energetic company, we’ve had tremendous success,
and we are constantly growing our team. As we garner more industry
attention – just check out our accomplishments and awards by CES
Innovation, iF Design, IGA, and Red Dot – we also need driven and
talented people to join our team. That brings us to you, and what
you’ll be joining. Our teams are smart and diligent and take
ownership of their work – they’re confident in their work but know
how to collaborate with open ears and a spirit of learning. If
you’re down-to-earth, approachable, and easy to strike up a
conversation with, this may be a great fit for you. Check out our
brands: levoit.com \u007C cosori.com \u007C etekcity.com\u007C
pawsync.com The Opportunity: Information Security Planning •
Develop and implement comprehensive information security plans to
safeguard the security of company data and assets, including
on-premise and cloud environments. • Thoroughly analyze the
company's business processes and data characteristics, and combine
industry best practices and frameworks such as NIST Cybersecurity
Framework (CSF)to create customized security plans, ensuring the
confidentiality, integrity, and availability of information assets
in various scenarios. Policy Development and Compliance • Create
security policies and ensure that the company's operations are in
strict compliance with industry standards (e.g., ISO 27001, NIST,
GDPR) and regulatory requirements. • Continuously monitor industry
trends and regulatory changes, and adjust security policies in a
timely manner to provide a solid security and compliance framework
for the company's business operations. • Experience with OneTrust,
Drata or similiar tools System, Network and Cloud Security •
Maintain and enhance security measures for systems, networks , and
public cloud platforms (e.g., AWS, Azure, GCP) to prevent potential
threats. • Utilize advanced technical means and tools to conduct
real - time monitoring and risk early warning of systems, networks,
and cloud environments, promptly detect and block various attack
behaviors, and ensure the stable and secure operation of IT
infrastructure. • Familiar with AWS security suites • Familiar with
security scorecards, SIEM tools and dashboards (Splunk, QRadar,
Rapid7, Wazhu) Security Monitoring and Incident Response • Monitor
security events in real - time, respond promptly to emergencies,
and effectively mitigate risks. • Build an efficient security
monitoring platform, use intelligent analysis technology to
promptly capture abnormal behaviors, activate emergency response
plans, and minimize the impact of security incidents. • Conduct
re/blue team exercise Security Awareness and Training • Develop and
deliver security training programs to enhance employees' security
awareness and encourage their adherence to best practices. • Design
targeted training courses according to the needs of different
positions and use diverse training methods to ensure that employees
have a deep understanding of and implement security requirements.
Access Control and Identity Management • Oversee user access
controls, regularly review permissions, and ensure secure identity
management. • Implement a strict access control mechanism, Conduct
regular audits of user permissions, and use reliable identity
management systems to prevent unauthorized access and ensure the
security of company resources. Risk Assessment and Management •
Conduct comprehensive risk assessments, identify vulnerabilities,
and implement effective mitigation strategies. • Use scientific
risk assessment methods and frameworks such as NIST CSF to evaluate
potential threats and vulnerabilities, formulate corresponding
mitigation measures based on the assessment results, and
continuously improve the company's security defense capabilities. •
Develop KPIs and metrics Documentation and Mentorship • Document
Cyber Security controls, detection rules and playbooks • Mentoring
team members What you bring to the role: Bachelor’s degree in
Information Security, Computer Science, or a related field. 8 years
of experience in information security, with a strong background in
security event analysis, incident response, vulnerability
management, and risk assessment. Hands-on experience with public
cloud security (e.g., AWS, Azure, GCP), including cloud-native
security tools and best practices. Familiarity with security
regulatory compliance standards and frameworks such as NIST CSF,
ISO 27001, and CIS. Knowledge of network security principles,
intrusion detection/prevention systems (IDS/IPS), firewalls, and
endpoint protection. Understanding these aspects is essential for
ensuring the company's security compliance and building a robust
security defense system. Strong analytical and problem - solving
skills, with the ability to quickly identify and mitigate security
threats. Relevant security certifications such as CISSP, CISM, CEH
are a plus. Location: This is an on-site, office-based role in
Tustin, CA. Salary: Starting at $125K Perks and Benefits: 100%
covered Medical/Dental/Vision insurance for employee AND spouse
dependents! 401K with 4% employer match (eligible after 90 days of
employment) and immediate 100% vesting Generous PTO policy paid
holidays Life Insurance Voluntary Life Insurance Disability
Insurance Critical Illness Coverage Accident Insurance Healthcare
FSA Dependent Care FSA Travel Assistance Program Employee
Assistance Program (EAP) Fully stocked kitchen
Keywords: Vesync, Santa Monica , Senior Information Security Analyst, IT / Software / Systems , Tustin, California
