Senior Information Security Analyst

About us: 
Templafy is the next gen document generation platform that automates all document creation across organizations.  Our platform eliminates manual document work allowing companies to drive governance, efficiency and ultimately business results. Templafy supports millions of users and enables over 800 enterprise customers such as KPMG, IKEA, BDO and more. 

Founded in Copenhagen, Denmark, in 2014, Templafy’s success is built by our 60+ employee nationalities found at offices around the world. We believe when people feel they belong, have a voice, and feel heard, they are happier and perform better, and that way, everyone wins. Our innovation, diversity, and unique product have raised over 200 million in funding from Insight Venture Partners, Seed Capital, Dawn Capital, Damgaard Company and Golub Capital.  

Position Summary 

We are seeking a Senior Information Security Analyst to lead incident response, enhance security tooling and controls, and execute advanced threat hunting and modeling initiatives. This is an operationally focused role, requiring broad experience across multiple security domains. While the primary focus is on IT security, the role will also provide advisory support on product and cloud security risks in collaboration with engineering and product teams. As our IT security capabilities mature, there will be opportunities to expand into application and cloud security. 

On a daily basis, you'll collaborate with our security governance lead, IT system administrator, and MSP partners to enhance our security framework. You will manage the complete incident response process, conduct forensic investigations, and oversee critical security tools like SIEM, EDR, and vulnerability scanners. You’ll also implement technical controls, harden systems, and consult with IT, engineering, product, and business teams to ensure security is embedded throughout our infrastructure and workflows. 

The ideal candidate has 4–6 years of hands-on information security experience, with proficient analytical skills to investigate complex incidents, synthesize data, and make well-informed decisions. You should be a team-oriented, self-driven professional who thrives in cross-functional collaboration and proactively identifies and mitigates security risks. Since we value in-person collaboration, we encourage working from the office three times per week to promote teamwork and knowledge sharing. Clear and effective communication with both technical and non-technical stakeholders is essential. 

Key Responsibilities: 

• Lead end-to-end incident response, from detection and containment to recovery and post-incident analysis, including digital forensics and root cause investigations. 
• Develop, test, and maintain incident response playbooks and escalation workflows. 
• Identify unknown security threats using threat intelligence frameworks (e.g., MITRE ATT&CK) and analyze system/network logs for anomalous activity and indicators of compromise (IoCs). 
• Set up, monitor, and manage security tools, including Security information and event management (SIEM), Endpoint detection and response (EDR), vulnerability scanners, email security, privileged access management (PAM) and cloud access security broker (CASB) solutions. 
• Implement and enforce security controls and hardening practices aligned with CIS Controls and industry best practices across Windows, macOS, and cloud/SaaS environments.  
• Stay current on emerging threats, attack techniques, and vulnerabilities, applying research to improve detection and response. 
• Work with IT, engineering and other business teams to embed security best practices across the organization and improve overall security posture. 

Required Qualifications: 

• Experience: 4-6 years in related operational information security experience. 
• Education: Bachelor’s degree in Cybersecurity, Computer Science, IT or equivalent. 
• Demonstrated experience in leading incident response, forensic investigations, and root cause analysis. 
• Extensive hands-on experience with SIEM, EDR, vulnerability management, CASB, IAM and endpoint security in Windows and macOS environments. 
• Familiarity with threat intelligence frameworks such as MITRE ATT&CK and the Cyber Kill Chain. 
• Scripting or automation skills (Python, Bash, PowerShell) 

Preferred Qualifications: 

• Certifications such as GCIH, GCFA, CEH, CySA+, Security+, or equivalent. 
• Background in or exposure to cloud (Azure) or product security principles 
• Experience with DevSecOps and security orchestration and automation (SOAR) tools. 
• Experience with ISO 27001, SOC 2, CIS or NIST CSF. 

Templafy is a workplace of belongingness. To us this means that you have a voice, you dare to speak up, and your voice is heard. We focus on offering an environment that allows all employees to feel that they belong regardless of race, color, ancestry, religion, gender, gender identity, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or other status.