Perennial Resources International - New York, NY
posted about 2 months ago
The Lead Cybersecurity Analyst is a pivotal role within the organization, responsible for spearheading the implementation of cybersecurity controls and ensuring the integrity of the organization's information systems. This position requires a proactive approach to managing cybersecurity projects, developing reporting dashboards, and maintaining metrics that reflect the effectiveness of security measures. The Lead Cybersecurity Analyst will serve as the primary point of contact for conducting periodic vulnerability assessments and coordinating remediation activities with both internal teams and external partners. This role is essential in fostering a culture of cybersecurity awareness and vigilance across the organization. In addition to leading the implementation of cybersecurity controls based on the NIST framework, the Lead Cybersecurity Analyst will continuously measure the effectiveness of these controls and work collaboratively with vendors, carriers, and IT teams to troubleshoot existing security measures and implement new ones. The analyst will also lead cross-functional efforts to develop and maintain cybersecurity alerts, ensuring that the organization is prepared to respond to potential threats. The role encompasses incident response and forensics, where the analyst will monitor and analyze cybersecurity events, coordinate incident response efforts across on-premises and cloud environments, and conduct digital forensics investigations to identify root causes of security incidents. Collaborating with the VP of IT, the Lead Cybersecurity Analyst will help develop and maintain the Incident Response plan, ensuring that the organization is equipped to handle cybersecurity incidents effectively. Furthermore, the analyst will validate and identify risks associated with system integrations, assist in evaluating new software and SaaS platforms for compliance with cybersecurity best practices, and provide expertise in the integration and engineering of security platforms. A key responsibility will be to develop and deliver comprehensive cybersecurity awareness training programs, including regular phishing email exercises to enhance employee vigilance. The analyst will also assess the cybersecurity impact of all changes through participation in the Change Control process, contributing to a culture focused on control effectiveness and risk reduction. The Lead Cybersecurity Analyst will be on call 24/7 for urgent cybersecurity issues, demonstrating the critical nature of this role in safeguarding the organization's information assets.