Cybersecurity Analyst

Intone Networks - New York, NY

posted 3 months ago

Full-time - Mid Level
New York, NY
Professional, Scientific, and Technical Services

About the position

The Cybersecurity Analyst position is a critical role within our organization, focusing on the protection of sensitive information and the integrity of our information systems. The successful candidate will be responsible for analyzing data and information from various sources to prepare the environment for security operations. This includes responding to requests for information and submitting intelligence collection and production requirements that support planning and operations. The role requires interaction at multiple levels of the organization to establish and maintain a robust security posture that aligns with the organization's risk tolerance, information access requirements, business strategies, and compliance requirements. In this position, the Cybersecurity Analyst will integrate overarching security frameworks across multiple complex disciplines to provide customer-focused technology solutions that are secure, cost-effective, and efficient. The analyst will coordinate and oversee the production of evidence to support both internal and external audits, ensuring compliance with established protocols. Conducting internal risk, vulnerability, and compliance assessments is a key responsibility, where the analyst will identify risks and vulnerabilities, recommend security measures, and develop policies and controls for risk mitigation. The role also involves preparing and updating incident response plans, performing incident response activities, and ensuring periodic monitoring of audit logs. The Cybersecurity Analyst will work closely with developers to implement and manage security measures for information systems and applications, ensuring compliance with federal, state, local, and agency requirements. Additionally, the analyst will serve as a Subject Matter Expert (SME), advising on best practices for data protection, auditing, and monitoring. Communication is vital in this role, as the analyst will prepare and present status reports on information security programs and projects to senior executives. The position also includes assisting with information security awareness training and developing metrics to assess the effectiveness of the Agency's InfoSec policies and controls. The Cybersecurity Analyst will perform other professional responsibilities as assigned, contributing to the overall security and integrity of the organization's information systems.

Responsibilities

  • Analyze data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations.
  • Interact at multiple levels of the organization to establish and maintain a strong and adaptive security posture that aligns with organizational risk tolerance, information access requirements, business strategies, and compliance requirements.
  • Integrate overarching security frameworks across multiple, complex disciplines in support of the business needs of the Agency to provide customer-focused technology solutions in a secure, cost-effective, and efficient manner.
  • Coordinate and oversee the production of evidence to support internal and external audits.
  • Conduct internal risk, vulnerability, and compliance assessments to identify risks, vulnerabilities, and compliance shortcomings; recommend/develop security measures, policies, and controls for risk/vulnerability mitigation and remediation of compliance findings.
  • Prepare and/or update incident response plans and perform incident response activities as directed and in accordance with established Agency procedures and guidelines and those of the Client.
  • Ensure periodic monitoring of audit logs occurs in accordance with requirements, and report findings and concerns for further analysis and/or action, including breach notification and initiation of incident response, in accordance with Agency protocols/procedures and CISO direction/guidance.
  • Work with developers to plan, implement, manage, and coordinate appropriate security measures for information systems/applications that control access to data, and prevent unauthorized modification, destruction, or disclosure of information in accordance with federal, state, local, and agency requirements, policies, and directives.
  • Prepare and/or update Plan of Actions & Milestones (POA&M) that identify security weaknesses and establish milestones and compensating controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation.
  • Serve as a Subject Matter Expert (SME), advising on current best practice and strategies for the protection, auditing, and monitoring of data, data storage, and transmission paths.
  • Work with business owners, IT managers, staff, and vendors to provide timely and efficient coordination of information assurance/security services to meet Agency needs.
  • Prepare and communicate status of Agency information security programs and projects to senior executives through oral and written reports and presentations.
  • Assist with information security awareness training activities and preparation of awareness training materials.
  • Develop and communicate security metrics to assess effectiveness of, and compliance with, the Agency's InfoSec policies and controls.
  • Perform other professional responsibilities as assigned.

Requirements

  • Bachelor's degree in information technology, computer science, information assurance, or a related field from an accredited college or university.
  • Five years of information technology experience, with one year in information security or information assurance.
  • Certified Information Systems Security Professional (CISSP).
  • Certified Information Security Manager (CISM).
  • Certified Information Systems Auditor (CISA).
  • Demonstrated professional experience developing and communicating an information security strategy and aligning projects, initiatives, and resources to execute against the strategy.
  • 7 years of demonstrated knowledge of network, operating system, database, and application security.
  • 7 years of knowledge of current and emerging (Next Gen) Information Security Technologies and Practices.
  • 7 years of experience in Cloud-based solutions and environments.
  • 7 years of information technology experience.
  • 5 years of information security or information assurance experience.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service