Cybersecurity Analyst

Job Summary:

The Cybersecurity Analyst role will focus on threat intelligence and will be expected to manage various technologies at an advanced or expert level. The analyst is responsible for information security policy development and maintenance; coordinates the investigation and reporting of security incidents; works with auditors and examiners to ensure the network and systems are secure and meet regulatory guidelines; monitors and assesses the organization’s information security and makes recommendations for improvement; and schedules/performs periodic penetration tests, vulnerability assessments, and risk assessments. There will be expectations to work non-traditional hours to support such duties.

Estimated Salary Range: $79,000-92,000

Essential Functions:

• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures)
• Review logs and reports of all in-place devices and interpret the implications of that activity and devise plans for an appropriate resolution.
• Participate in investigations into problematic activity.
• Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
• Assist in ensuring that the Company is up to date with the latest security standards, patches, network protocols and products.
• Recommend improvements to the current security posture.
• Identify areas where controls are lacking or inadequate.
• Assist in preparing the organization to respond to possible security incidents and breach.
• Research security architecture, security technologies and security solutions.
• Understand current infrastructure and network architecture.
• Assess current security controls.
• Identify operational configurations of workstations as per the established baselines and take actions to remedy misconfigurations.
• Investigate potentially harmful emails and take actions to ensure that the threat is neutralized.
• Identify sensitive data locations and make suggestions for safeguarding said data.
• Be familiar with NIST 800-171 and the CMMC and apply standards.
• Identify areas in which the company must follow NIST 800-171.
• Assist in implementing or upgrading solutions pertaining to NIST compliance.
• Identify areas that the company needs to improve on for the CMMC.
• Assist in scheduling and leading Vulnerability Assessment meetings, Risk Assessment meetings, NIST compliance meetings, CMMC task meetings, or any other security related meetings.