Job Description

Display Goodwill’s Core Values of Hope, Dignity, Partnership, and Service

The Security Analyst plays a key role in safeguarding Goodwill Kentucky’s information systems, digital assets, and operational technology. Working closely with the VP of IT and Goodwill’s Managed Security Service Provider (MSSP), this role is responsible for monitoring, analyzing, and improving our security posture while ensuring risks are identified, communicated, and mitigated in alignment with business priorities.

This position blends hands-on security analysis with strong collaboration, documentation, and continuous improvement to keep Goodwill Kentucky safe, resilient, and compliant.

Security Operations & Monitoring

Partner with the Managed Security Service Provider (MSSP) to monitor security alerts, incidents, and threats across networks, systems, endpoints, and cloud environments.

Triage, investigate, and respond to security incidents reported by MSSP, escalating appropriately and coordinating remediation efforts.

Review MSSP reports and dashboards, translating findings into actionable insights for the CIO and IT leadership.

Risk Management & Governance

Assist in identifying, assessing, and documenting cybersecurity risks and vulnerabilities.

Support the development, maintenance, and enforcement of security policies, standards, and procedures.

Participate in risk assessments, audits, tabletop exercises, and compliance activities (e.g. PCI, or other applicable regulations).

Security Improvement & Hardening

Collaborate with IT teams to implement security best practices, controls, and remediation plans.

Help manage vulnerability scanning, patching coordination, and configuration reviews.

Recommend tools, processes, and improvements to strengthen Goodwill Kentucky’s overall security posture.

Awareness & Collaboration

Serve as a trusted security partner to IT, leadership, and business teams.

Support security awareness initiatives and promote a culture of cybersecurity across the organization.

Communicate security risks and incidents clearly to both technical and non-technical stakeholders.

Lead cybersecurity awareness training as needed and work closely with the Learning & Development team on cybersecurity training initiatives.

Documentation & Reporting

Maintain incident reports, risk registers, policies, and security documentation.

Provide regular updates and metrics to the CIO and leadership on security posture, trends, and areas of concern.

No supervisory responsibilities

• A. Bachelor’s degree in Information Security, Computer Science, Information Technology, or related field preferred (or equivalent experience).
• B. 2–5 years of experience in cybersecurity, security operations, or IT with a strong security focus.
• C. Familiarity with working alongside a Managed Security Service Provider (MSSP) or third-party security vendors.
• D. Understanding of common security tools and concepts (SIEM, EDR, firewalls, vulnerability management).
• E. Strong analytical, problem-solving, and communication skills.

• A. Security certifications such as Security+, CISSP, CEH, or similar.
• B. Experience in nonprofit, healthcare, retail, or multi-site environments.
• C. Knowledge of compliance frameworks and regulations relevant to nonprofits or regulated data.
• D. Experience translating technical security issues into business-level risk discussions.
• A. Incident response and log analysis
• B. Endpoint and network security (EDR, firewalls, VPNs)
• C. Vulnerability scanning and remediation
• D. Identity and access management (MFA, least privilege)
• E. Microsoft 365 / cloud security fundamentals, Microsoft Purview, Microsoft Defender
• F. Security frameworks and risk assessment
• G. Security documentation and reporting

• A. Work with MSSP to make sure Security incidents are identified and addressed quickly and effectively with root cause communicated.
• B. Leadership has clear visibility into risks and security posture.
• C. Strong, collaborative relationships with the MSSP, VP of IT, and internal IT teams.
• D. Continuous improvement in security maturity without slowing down Goodwill Kentucky’s mission.

• A. This job may have physical requirements that are considered sedentary work. Sedentary work involves sitting for long periods of time; occasional bending, squatting, kneeling, stooping; good finger dexterity and feeling; frequent repetitive motions; talking, hearing, and visual acuity and occasional lifting up to 15 pounds.
• B. Travel to other locations beyond the assigned work location is occasionally required.