Division / Department: Information Technology (IT) / AdministrationReports To: Director of Information Technology (IT)Position Classification/ Type: Full-Time, Exempt / SalariedLocation: Remote - Stellar Virtual (Texas Only)

About Us

Stellar Virtual is a dynamic and rapidly growing Texas-based virtual company in an emerging space of innovation in education. Our mission is empowering families and unleashing potential. We serve parents of K-12 students who are unhappy with their current school or need an at-home/flexible learning environment. We offer tailored teaching we call uBu! that enhances the strengths of each unique student. Our School of One approach ensures that we are responsive and build relationships so that our students and families receive the time and attention they need. We believe in Education with Destination and provide each child with foundational skills for future planning.
Our PromiseA high-quality virtual school empowering families with dedicated staff focused on student outcomes and an exceptional customer experience, our program will enable students to thrive and unleash their full potential.

Our MissionEmpowering Families. Unleashing Potential. 

Our Culture & Values

• Kids First, Always!
  • Our actions, decisions, and behaviors are always grounded by what is best for kids.
• Respect
  • Assume positive intent with our students, families, and colleagues.
• Create, Collaborate, and Communicate
  • Demonstrate the skills we want our students to learn.
• Make Your Motion Matter
  • Prioritize, focus, and support company goals.
• Go the Extra Mile
  • Customer Service is everyone’s job.

Technology AspectTo establish a clear duty of care, Stellar Virtual and its affiliates require all employees to cover the costs associated with acquiring and providing the equipment (i.e., computers, internet service, telephone, home office setup, etc.) associated with virtual employment.

Position Overview

The Information Security Analyst will play a crucial role in safeguarding our organization's information assets and ensuring compliance with security policies and regulations. This position requires a proactive individual with a strong understanding of cybersecurity principles, risk management techniques, and emerging threats in the digital landscape.

This role is divided into five areas:

• Security Monitoring and Incident Response:
  • Monitor security events and alerts from various sources, including SIEM (Security Information and Event Management) systems, intrusion detection systems, and endpoint security tools.
  • Investigate and respond to security incidents, conducting thorough analysis to determine the root cause and extent of the breach.
  • Develop and implement incident response plans, coordinating with relevant stakeholders to contain and mitigate security incidents effectively. This includes disaster recovery, business continuity plans, and communication plans.
• Vulnerability Management:
  • Conduct/oversee regular vulnerability assessments and penetration tests to identify weaknesses in the organization's infrastructure, applications, and systems.
  • Prioritize and remediate vulnerabilities based on risk assessment, working closely with system administrators and software developers to implement patches and security updates.
  • Review policies and practices around data at rest, in transit and in use. Make recommendations and implement improvements as necessary.
  • Monitor industry alerts and advisories to stay informed about new vulnerabilities and emerging threats, proactively addressing potential security risks.
• Security Policy and Compliance:
  • Assist in the development, implementation, and enforcement of information security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
  • Conduct security awareness training sessions for employees to promote a culture of security awareness and adherence to security policies.
  • Perform periodic security assessments and audits to assess compliance with internal security controls and external regulations (e.g., GDPR, HIPAA, ISO 27001).
  • Review vendor contracts and their processes, including those handling sensitive data, to ensure compliance.
• Risk Assessment and Mitigation:
  • Conduct risk assessments to identify and evaluate potential security risks and threats to the organization's information assets.
  • Collaborate with business units to assess the impact of identified risks and develop risk mitigation strategies and action plans.
  • Monitor risk indicators and key performance metrics to track the effectiveness of risk mitigation efforts and adjust strategies as needed.
• Security Tools Administration:
  • Manage and maintain security tools and technologies, including firewalls, antivirus software, encryption tools, and authentication systems.
  • Configure security controls and policies to optimize the effectiveness of security tools and ensure alignment with security requirements and objectives.
  • Evaluate new security technologies and solutions, making recommendations for their implementation based on business needs and security priorities.

Required Skills, Knowledge, and Abilities

• Passionately committed to the mission of Stellar Virtual;
• Proactive and fast learner who thrives in a fast-paced environment;
• Collaborative team player with a positive work culture mindset;
• Self-starter who will manage responsibilities with minimal oversight;
• Detail-oriented and able to manage simultaneous projects without compromising deadlines or quality of work
• Clear communicator with meeting facilitation and public speaking abilities;
• Tech-savvy, with knowledge of (but not limited to) Google Workspace, Excel, Nectar, and project management software (e.g., Asana);
• Commitment to continuous learning and professional development.
• Proven experience (3 years) in information security roles, with a focus on security monitoring, incident response, and vulnerability management.
• Strong understanding of cybersecurity principles, including network security, encryption, access control, and identity management.
• Familiarity with security frameworks and standards (e.g., NIST Cybersecurity Framework, CIS Controls, GDPR, PCI DSS).
• Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and vulnerability scanning tools.
• Knowledge of regulatory environment surrounding student data and privacy (FERPA, COPPA)
• Excellent analytical and problem-solving skills, with the ability to analyze complex security incidents and recommend effective solutions.
• Effective communication skills, with the ability to convey technical information to non-technical stakeholders.
• Ability to work both independently and collaboratively in a fast-paced environment, prioritizing tasks and meeting deadlines.

Education & Certification Requirements

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field. 
• Master’s degree or relevant certifications (e.g., CISSP, CISM, CEH) preferred or equivalent experience.

Available Benefits

• Medical Insurance (HMO and PPO)
• Dental Insurance (PPO)
• Vision Insurance (PPO)
• Health Savings Account
• Retirement Savings (401k and Roth IRA)
• Generous Paid Time Off (PTO)
• Disability (Short and Long-Term)
• Employer-Paid Life Insurance ($25,000)
• Company-Paid Holidays (10 Paid Holidays Year-Round)
• Nectar Employee Recognition Incentives

EEO Statement: At Stellar Virtual, we embrace diversity and foster an inclusive and supportive work environment. We welcome applicants from all backgrounds and experiences. Stellar Virtual is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. Stellar Virtual participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

At-Will Notice: Employment with Stellar Virtual will be on an at-will basis. As such, this position description is not a contract or guarantee of employment for a definite amount of time.