We have a project with a client in San Joaquin County, CA for a Cyber Security Analyst who will be responsible for ensuring the security of the client's infrastructure, managing compliance with regulatory frameworks, conducting security assessments, and driving complex issue resolution across various aspects of the organization. The ideal candidate will possess a strong background in cybersecurity, regulatory compliance, cloud security, and vendor management. Remote or Onsite: Hybrid (1 day onsite per week) Job Description:
- Incident Response: Participate in incident response efforts, which may include identifying, investigating, and resolving security incidents. This often involves working closely with other members of the IT team.
- Conduct framework assessments and security audits to ensure compliance and identify areas for improvement according to regulatory compliance requirements including NIST CSF, NIST 800.53, NIST 800-171, ITIL, ISO 27001, CIS, CJIS, DOJ and GRC frameworks.
- Lead efforts to resolve complex cybersecurity issues and vulnerabilities.
- Implement and maintain data security measures, including encryption, access control, and incident response.
- Monitor Security Systems: Monitor the organization's security systems and infrastructure for signs of intrusions or suspicious activity. This may involve working with tools like SIEM (Security Information and Event Management) systems, IDS/IPS (Intrusion Detection/Prevention Systems), and firewalls.
- Security Tool Management: Implement and manage security tools. This may include endpoint protection systems, network security appliances, or cloud security tools.
- Vulnerability Management: Perform regular vulnerability assessments and penetration testing. Recommend and implement remediation measures for identified vulnerabilities. Prepare reports and documentation on security assessments, audits, and incident responses for internal and external stakeholders.
- Work on initiative to perform HIPAA and BIA (Business Impact Assessment for various department.
Job Requirements:
- Bachelor's degree in information technology, Cybersecurity, or related field (or equivalent experience).
- 7+ years of experience in a cybersecurity role, with a focus on infrastructure security and regulatory compliance.
- In-depth knowledge of NCUA, FDIC, NIST CSF, NIST 800.53, NIST 800-171, ITIL, ISO 27001, CIS, DOJ, CJIS and GRC frameworks.
- Proven experience in conducting framework assessments, security audits, and ensuring compliance with regulatory standards.
- Strong understanding of Incident Response planning.
- Experience with cloud security technologies and best practices.
- Excellent problem-solving skills with a track record of complex issue resolution in cybersecurity.
- Experience in vendor management and ensuring third-party security compliance.
- Experience with Tanium, Abnormal, CrowdStrike, KnowBe4, Palo alto, MS Defender, and Sentinel etc.
- Strong project management skills with the ability to manage multiple cybersecurity projects simultaneously.
- Industry certifications such as CISSP, CISA, CRISC, or CCSP are a plus.
Skills & Abilities:
- Strong understanding of data security best practices.
- Ability to communicate effectively with both technical and non-technical stakeholders.
- Analytical mindset with the ability to assess risks and prioritize tasks accordingly.
- Self-motivated, detail-oriented, and able to work independently as well as in a team.