Responsibilities
- Monitor security tooling and dashboards; perform first-level triage of alerts generated by the SIEM, EDR, and email security platforms; apply established runbooks to analyze and disposition alerts and escalate to senior analysts when events exceed defined scope or complexity.
- Investigate end-user-reported phishing emails; analyze headers, URLs, and attachments using sandboxing and threat intelligence tools; document findings, execute containment actions within defined authority, and escalate confirmed threats per incident response procedures.
- Participate in security incident response activities as an active contributor; execute assigned containment and remediation tasks; produce accurate post-incident documentation including timelines, actions taken, and lessons learned.
- Execute vulnerability management operational tasks including review and triage of scan results from Rapid7 InsightVM, severity-based prioritization of findings, and coordination of remediation tracking with IT asset owners.
- Support Identity and Access Management (IAM) operations, including execution of access reviews, identity lifecycle tasks (joiner/mover/leaver workflows), and identity governance activities in coordination with the IAM team.
- Monitor threat intelligence feeds and security advisories; summarize relevant emerging threats and indicators of compromise for team review and escalate high-priority advisories as appropriate.
- Maintain and improve security documentation, standard operating procedures, and knowledge base articles; ensure operational runbooks remain accurate and current.
- Collaborate with team members on security alert analysis and operational process improvement; contribute observations and recommendations to team discussions.
- Additional duties as assigned.
Position Requirements
Knowledge, Skills, and Abilities
- Working knowledge of core security concepts including network security fundamentals, common attack techniques and threat actor tactics (MITRE ATT&CK framework familiarity preferred), the CIA triad, and security monitoring principles.
- Hands-on experience with two or more of the following technology domains: Active Directory/Microsoft Entra ID, SIEM platforms (Splunk, Microsoft Sentinel), endpoint detection and response (EDR) tools, email security platforms (e.g., Mimecast), vulnerability management tools (e.g., Rapid7 InsightVM), or public cloud environments (Azure, AWS).
- Ability to independently execute structured security operational procedures; recognize when events exceed defined scope and escalate appropriately.
- Strong analytical and investigative skills; ability to synthesize information from multiple sources and reach sound, documented conclusions.
- Effective written and verbal communication skills; ability to produce clear, concise incident documentation, ticket notes, and operational reports.
- Strong attention to detail; ability to manage multiple concurrent tasks and prioritize effectively in a dynamic environment.
- Demonstrated ability to handle sensitive and confidential information with appropriate discretion.
Experience
- 1–3 years of professional experience in a cybersecurity, information security, or IT operations role, or an equivalent combination of education and demonstrated hands-on experience.
- Prior experience performing security alert triage, phishing investigation, vulnerability management, or incident response activities in an enterprise environment is strongly preferred.
- Experience working with enterprise security tooling in a professional or lab environment is required; experience in a managed security services or SOC environment is a plus.
Education
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field required. Equivalent professional experience will be considered in lieu of a degree.
Licensing and/or Certification
No certifications are required for this role. The following credentials are preferred and will strengthen a candidate’s application:
- CompTIA Security+ (preferred)
- ISC² Certified in Cybersecurity (CC) or SSCP
- Microsoft Security Operations Analyst (SC-200)
- Microsoft Security, Compliance, and Identity Fundamentals (SC-900)
- Other recognized security operations or analyst-track certifications
About Integrity
Integrity is one of the nation’s leading independent distributors of life, health and wealth insurance products. With a strong insurtech focus, we embrace a broad and innovative approach to serving agents and clients alike. Integrity is driven by a singular purpose: to help people protect their life, health and wealth so they can prepare for the good days ahead.
Integrity offers you the opportunity to start a career in a family-like environment that is rewarding and cutting edge. Why? Because we put our people first! At Integrity, you can start a new career path at a company you’ll love, and we’ll love you back. We’re proud of the work we do and the culture we’ve built, where we celebrate your hard work and support you daily. Joining us means being part of a hyper-growth company with tons of professional opportunities for you to accelerate your career. Integrity offers our people a competitive compensation package, including benefits that make work more fun and give you and your family peace of mind.
Headquartered in Dallas, Texas, Integrity is committed to meeting Americans wherever they are — in person, over the phone or online. Integrity’s employees support hundreds of thousands of independent agents who serve the needs of millions of clients nationwide. For more information, visit Integrity.com.
Integrity, LLC is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, disability, veteran status, or any other characteristic protected by federal, state, or local law. In addition, Integrity, LLC will provide reasonable accommodations for qualified individuals with disabilities.