Goodwill Kentucky · 3 days ago
Security Analyst
Louisville, Kentucky, United States
Full-time
Onsite
Entry, Mid Level
2+ years expGoodwill Kentucky is focused on safeguarding its information systems and digital assets. The Security Analyst will monitor, analyze, and improve the organization's security posture while collaborating with the VP of IT and Managed Security Service Provider (MSSP).
Telecom & CommunicationsConsumer GoodsConsumerEmail
Responsibilities
Partner with the Managed Security Service Provider (MSSP) to monitor security alerts, incidents, and threats across networks, systems, endpoints, and cloud environments
Triage, investigate, and respond to security incidents reported by MSSP, escalating appropriately and coordinating remediation efforts
Review MSSP reports and dashboards, translating findings into actionable insights for the CIO and IT leadership
Assist in identifying, assessing, and documenting cybersecurity risks and vulnerabilities
Support the development, maintenance, and enforcement of security policies, standards, and procedures
Participate in risk assessments, audits, tabletop exercises, and compliance activities (e.g. PCI, or other applicable regulations)
Collaborate with IT teams to implement security best practices, controls, and remediation plans
Help manage vulnerability scanning, patching coordination, and configuration reviews
Recommend tools, processes, and improvements to strengthen Goodwill Kentucky’s overall security posture
Serve as a trusted security partner to IT, leadership, and business teams
Support security awareness initiatives and promote a culture of cybersecurity across the organization
Communicate security risks and incidents clearly to both technical and non-technical stakeholders
Lead cybersecurity awareness training as needed and work closely with the Learning & Development team on cybersecurity training initiatives
Maintain incident reports, risk registers, policies, and security documentation
Provide regular updates and metrics to the CIO and leadership on security posture, trends, and areas of concern
Qualification
Required
Bachelor's degree in Information Security, Computer Science, Information Technology, or related field preferred (or equivalent experience)
2–5 years of experience in cybersecurity, security operations, or IT with a strong security focus
Familiarity with working alongside a Managed Security Service Provider (MSSP) or third-party security vendors
Understanding of common security tools and concepts (SIEM, EDR, firewalls, vulnerability management)
Strong analytical, problem-solving, and communication skills
Incident response and log analysis
Endpoint and network security (EDR, firewalls, VPNs)
Vulnerability scanning and remediation
Identity and access management (MFA, least privilege)
Microsoft 365 / cloud security fundamentals, Microsoft Purview, Microsoft Defender
Security frameworks and risk assessment
Security documentation and reporting
Preferred
Security certifications such as Security+, CISSP, CEH, or similar
Experience in nonprofit, healthcare, retail, or multi-site environments
Knowledge of compliance frameworks and regulations relevant to nonprofits or regulated data
Experience translating technical security issues into business-level risk discussions
Company
Goodwill Kentucky
Goodwill Kentucky is a 101-year-old nonprofit organization that operates in 103 of Kentucky’s 120 counties.
1001-5000 employees
Funding
Current Stage
Late StageTotal Funding
$4.5MKey Investors
Charter CommunicationsU.S. Department of LaborJewish Heritage Fund
2024-09-18Grant
2023-06-28Grant· $4M
2023-03-09Grant· $0.5M
Leadership Team
Mark Hohmann
CFO, CCO
Rena Sharpe
Chief Operating Officer
Recent News
24-7 Press Release Newswire
2025-06-27
2025-05-08
Lane Report | Kentucky Business & Economic News
2025-04-17
Company data provided by crunchbase