Security Analyst (NIST, CIS Critical Controls, ISO 27001, SSDLC, written risk assessments)

MVP Consulting Plus

City of Albany (NY)

On-site

USD 60,000 - 80,000

Full time

30+ days ago

Job summary

An established industry player is seeking a skilled Security Analyst to enhance their information security posture. In this role, you will implement comprehensive security measures and compliance programs for both IT and OT systems, ensuring the protection of critical business information. You will conduct thorough risk assessments using recognized industry standards and assist in resolving security threats. The ideal candidate will possess extensive experience in information security, along with relevant certifications and a strong educational background in fields such as Cybersecurity or Information Assurance. Join a dynamic team where your expertise will make a significant impact on the organization's security framework.

Qualifications

  • 5 years of experience in implementing information security programs.
  • Experience in conducting risk assessments using industry standards.
  • Certifications like GSEC, CISA, and Security+ are preferred.

Responsibilities

  • Implement security and compliance programs for IT and OT systems.
  • Conduct risk assessments and manage security threats.
  • Evaluate systems for alignment with security policies.

Skills

Information Security Implementation
Risk Assessment
Threat Mitigation
Cloud Security
Information Systems Security Analysis

Education

Bachelor's Degree in Information Security
Bachelor's Degree in Computer Science
Bachelor's Degree in Cybersecurity

Tools

NIST Standards
CIS Critical Controls
ISO 27001

Job description

HBITS-06-13702

Duties include, but are not limited to:

  • Implement information security and compliance programs for IT systems and OT systems.
  • Conduct written risk assessments for existing systems/solutions, new systems/solutions, and services in use or to be used by the business.
  • Assist with management and resolution of security threats to business information systems.
  • Serve as information security analyst and evaluate systems and contracts for alignment with Business and State information security policies.
  • Monitor and remain aware of information security industry trends, tools, and techniques.
  • Perform additional duties as required.

Security Analyst
Plans and carries out security measures to protect an organization's computer networks and systems.

Minimum Qualifications:
  • 60 months of experience implementing information security and compliance programs for IT systems and OT systems.
  • 60 months of experience conducting written risk assessments using industry standards such as NIST, CIS Critical Controls, ISO 27001, etc.
  • 48 months of experience triaging and determining mitigation plans (with and/or without Vendor) to resolve security threats to business information systems.
  • 48 months of experience evaluating business systems (Commercial Off the Shelf and Custom Developed) for alignment with IT and OT information security policies.
  • 36 months of experience in securing cloud environments.
  • 36 months of experience conducting information systems security analysis using Secure System Development LifeCycle (SSDLC).
  • Applicable Information Security or Information Technology certifications such as GSEC, GOCSP, CGEIT, CISA, CRISC, GCCC, Security+, Network+, CCSP, CSSLP, ISSAP, ISSEP, SSCCP, etc.
  • Bachelor's Degree or higher in one or more of the following: Information Security, Computer Science, Information Science, Information Assurance, Information System Management, Cybersecurity, Digital Forensics, IT Governance, Compliance and Risk Assessment.