Cyber Security Analyst

Job Description:

Education & Experience:

• Bachelor’s degree in computer science, Information Technology, or a related field. (Years of demonstrated experience may be considered in lieu of a degree).
• Experience working with the State or Federal or any Government Agency is a Plus

Specialized Experience:

• At least five (5) years of experience in a cybersecurity-related role, such as Cyber Security Engineer, Cyber Manager, or Cyber Analyst.
• Proven experience in performing security maturity assessments in alignment with the NIST Cybersecurity Framework.
• Strong understanding of cybersecurity best practices, risk management, and vulnerability remediation.
• Experience in preparing comprehensive security assessments and reports for leadership.

Skills & Requirements:

• Strong problem-solving skills with a keen attention to detail.
• Ability to present technical findings clearly to senior leadership and executives.
• Excellent communication skills to effectively engage a diverse range of stakeholders.
• Ability to travel within the state of Maryland as needed.
• Graduate degree in cybersecurity or related field (preferred).
• Experience with the NIST Cybersecurity Framework (NIST CSF).
• Relevant cybersecurity certifications are preferred.

Core Responsibilities:

Assessment and Analysis:

• Conduct comprehensive assessments of local cybersecurity infrastructure, including networks, tools, policies, and plans.
• Identify security vulnerabilities and gaps, analyzing risk factors to prioritize areas for improvement.

Remediation and Enhancement:

• Collaborate with local government stakeholders to implement security improvements and close identified vulnerabilities.
• Develop, draft, and refine cybersecurity policies, best practices, and strategic plans for local units.
• Recommend security solutions tailored to the needs of local governments to enhance their security posture.

Training and Capacity Building:

• Deliver training sessions on cybersecurity topics to local government personnel.
• Promote knowledge sharing and skill-building within local organizations.

Reporting and Risk Assessment:

• Prepare and present detailed reports to leadership, highlighting security gaps, risk factors, and suggested mitigation strategies.
• Translate technical assessments into actionable insights for non-technical stakeholders, ensuring alignment with strategic goals.

Collaboration and Communication:

• Build and maintain strong relationships with stakeholders, including government agencies at the state, federal, and local levels.