Cybersecurity Analyst- W2 - Hybrid

Cybersecurity Risk Assessment & Remediation: Conduct thorough assessments of the organization's current security posture, identifying vulnerabilities and implementing remediation measures to mitigate risks

Security Architecture & Solution Design: Assist in designing and implementing security controls and systems to protect critical assets, data, and networks

Incident Response Support: Support incident response efforts by identifying and addressing potential security threats, conducting root cause analysis, and assisting with incident reporting and recovery efforts. Documentation & Reporting: Create and maintain clear, detailed security documentation, including policies, procedures, and incident reports. Ensure that security measures are documented for internal and external stakeholders.

Collaboration with Stakeholders: Work closely with IT, cybersecurity teams, and business units to ensure alignment of cybersecurity initiatives with organizational goals and regulatory requirements

Compliance Assurance: Ensure that cybersecurity policies and practices are aligned with applicable legal and regulatory requirements (e.g., GDPR, HIPAA, NIST)

Training & Awareness: Provide support for developing training materials and conducting awareness sessions on security best practices for various stakeholders across the organization

Security Monitoring: Assist in configuring and monitoring security tools (e.g., SIEM, IDS/IPS, EDR) to proactively detect and mitigate security threats

Cybersecurity Expertise: A minimum of 4-6 years of hands-on experience in the field of cybersecurity, with a strong understanding of threat detection, vulnerability management, risk assessment, and incident response

Experience with SIEM tools, IDS/IPS systems, firewalls, endpoint protection, and network security

Familiarity with data encryption techniques, secure network design, and cloud security principles

Proven ability to create clear, concise, and detailed documentation, including incident reports, security policies, procedures, and technical designs

Ability to communicate complex security concepts to both technical and non-technical stakeholders in an understandable and actionable way

Knowledge of key cybersecurity frameworks and compliance requirements, such as NIST, ISO/IEC 27001, GDPR, and HIPAA

Experience ensuring security measures meet regulatory and legal standards. Strong interpersonal and communication skills to effectively collaborate with cross-functional teams (IT, legal, compliance, and business units)

Ability to work with stakeholders to understand business needs and align security initiatives accordingly

Experience in identifying and managing cybersecurity risks, as well as responding to and mitigating security incidents

Ability to support incident response and assist with post-incident analysis and reporting

5 years of incident response experience

3 years of Firewall, IDS/IPS experience

2 years of SIEM experience

2 years' experience with Endpoint Detection and Response (EDR), Managed Detection and Response (MDR)

2 years of vulnerability management experience

Security Awareness and Training experience

3 years' experience with Compliance and assessment against security frameworks such as NIST 800-53, NIST CSG, CIS Top 18

Cloud security experience

Relevant certifications such as CISSP, CISM, CISA, CompTIA Security , CEH (Certified Ethical Hacker), or similar

Experience securing cloud environments such as AWS, Azure, or Google Cloud, and using cloud-native security tools

Project Management Skills: Ability to prioritize tasks, manage deadlines, and work independently or as part of a team to achieve objectives in a timely manner