AVP, Information Security Analyst

Position Summary

Overview : The AVP Security Analyst is a mid-level role within TCW's Information Security team, with a strong focus on vulnerability management and cloud security (Azure). The team is responsible for safeguarding the confidentiality, integrity, and availability of the firm's data and technology assets through proactive monitoring, response, and the continuous improvement of information security controls and processes. The AVP will play a key role in strengthening the firm's security posture by driving vulnerability management activities, advancing Azure security controls, and collaborating with both technology and business teams to reduce risk across the enterprise.

Purpose : The AVP Security Analyst will support and lead the enhancement of TCW's information security operations by managing the vulnerability lifecycle, analyzing and assessing threats, and contributing to cloud and enterprise incident response activities. The AVP will work closely with experienced security professionals and cross-functional partners to identify risks, validate security events, and coordinate remediation efforts. This position requires strong technical expertise, hands-on experience with cloud security and vulnerability management, and the ability to operate effectively in a dynamic, regulated environment.

Essential Duties

• Lead the full vulnerability management lifecycle (scanning, assessment, prioritization, reporting, and remediation) across cloud and on-prem environments.
• Support and enhance asset discovery and management by leveraging tools such as Armis to ensure complete visibility of cloud, on-prem, and hybrid assets, enabling more effective vulnerability management, threat detection, and incident response.
• Implement, monitor, and improve Azure-native security controls, including identity, workload, and data protection, as well as CSPM and CNAPP tooling for cloud risk management.
• Investigate, validate, and escalate suspicious or anomalous activity through available tools and telemetry.
• Provide strong support for incident response, including investigation, containment, remediation, and lessons learned across the lifecycle of security incidents
• Manage and optimize SIEM and SOC operations, including detection engineering, correlation rules, alert handling, and escalation processes (Microsoft Sentinel preferred).
• Configure, manage, and maintain EDR capabilities to ensure effective endpoint visibility, protection, and response.
• Conduct technical and practical threat hunting in Azure and hybrid environments to proactively detect and mitigate risks.
• Utilize basic scripting / querying skills (KQL, PowerShell, Python) to support investigations, analysis, and automation efforts.
• Partner with infrastructure, application, and cloud teams to assess existing controls and implement security improvements.
• Participate in regular security operations reviews and recommend improvements to processes, tools, and controls.
• Stay current on evolving cloud security risks, vulnerability trends, and attack techniques, with emphasis on Azure.
• Perform other security-related duties as assigned.

Required Qualifications

Professional Skills Qualifications

This role requires candidates to work from a TCW office a minimum of four days a week. Flexibility for remote work is offered on one day, depending on business needs.

Estimated Compensation :

Base Salary : For a CA based position, the base salary is $135-150K.

Other Compensation : In addition to the base salary, this position will be eligible to be considered for an annual discretionary bonus.

Benefits

Eligible for TCW's comprehensive benefits package. See more information here.

J-18808-Ljbffr