Cyber Security Analyst
Our direct client is seeking a Cyber Security Analyst. This position will be based in Westchester County, NY and will be responsible for supporting the information security function of the company and will report directly to the Head of IT & Security.
This role will be working on all things information security: from risk assessments, auditing, monitoring, response and prevention, providing consulting on cutting edge projects, performing training and growing the client's cybersecurity program.
This role will interact with IT professionals, administrators, and staff across the organization and assist with the management of the clients cybersecurity program, and increasing the user awareness level. This role will also review and maintain the IT Security Health Dashboard as well as establish strict audit & control processes to ensure mitigation of risks. This includes defining support process, analysis, coordination, security test, security documentation, and periodic audits to validate established security requirements and to recommend additional security requirements and safeguards.
This role will also maintain cybersecurity projects, in line with IT strategies laid out by the leadership; planning, researching, staffing and implementing technological solutions and ensure adherence to quality standards as well as scope, budget and timeline. Additional duties include:
- Develop detailed work plans, schedules, project estimates, resource plans and status reports. Manage vendor tasks and track and review vendor deliverables.
- Plan and oversee the annual security assessments (Vulnerability Scans, Network Scans, etc.) to ensure that technical resources are configured in a secure manner.
- Produce summary reports to notify cybersecurity committee and senior staff of potential risks and possible solutions.
- Monitor and advise on information security issues related to information systems to ensure the internal security controls for the company are appropriate and operating as intended.
- Research and implement new security tools that improve the overall security posture.
- Assist in the evaluation of IT control design and operational efficacy.
- Advance the design, delivery, and performance of IT security, risk, and compliance metrics and reporting.
- Provide assistance and guidance to auditors to ensure a timely and efficient completion of their examinations.
- Participate in the development and execution of remediation plans.
- Maintain ownership of select Information Security processes.
- Develop and maintain documentation for systems, policies, procedures, and standards, using NIST Framework.
- Create training materials and reports to increase awareness and understanding across the organization.
- Maintain the IT cybersecurity intranet site, and prepare alerts and notifications for all staff.
- Provide monthly cybersecurity health report.
- Ensure that employees are following computer use policies, information security and privacy.
- Contribute to team effort by accomplishing related results as needed.
- Bachelor’s degree preferred, or equivalent combination of education, training and experience.
- 2+ years’ experience working with Microsoft Windows Desktop and Server operating systems.
- Experience in IT, audit, risk, cyber security, or related compliance role preferred, but not required.
- Security certifications like Security+, GSE and CISSP are desirable.
- Excellent written and verbal communication skills.
- Able to clearly communicate technical concepts to both technical and non-technical audiences.
- Excellent planning of tasks, budgets and people.
- ITIL Certification desired.
- Strong skills using Power BI or other visualization tools.
- NIST HIPAA experience is essential.
- Experience with of frameworks like COBIT and ISO is desirable.
- Experience with third party vendor management.
- Understanding of risk concepts including risk identification, evaluation, mitigation, and measurement.
- Hands on knowledge of cyber security best practices and preventative measures.
- Strong Microsoft Windows desktop and server operating systems knowledge.
- Foster company success through a professional demeanor, being courteous to internal customers and associates, having a positive attitude, and being a team player.
- Ability to multi-task is essential.
- Microsoft Office applications, Microsoft Visio or similar flowcharting application.
- Communicate effectively and efficiently in all languages required by the job using whatever communication device or system is required.
Our client offers a diverse and team-based work environment with comprehensive benefits including medical, dental, vision and life insurance, flexible spending accounts, 403(b) and a matching 401(k), generous paid time off, onsite Wellness facilities, and educational assistance.
Job ID: 4573