Senior Cybersecurity Analyst

Title: Senior Cybersecurity Analyst
Location: Onsite – Anchorage, Alaska or Tempe, Arizona (in-person presence required)

This position is ideal for a cybersecurity professional with a strong foundation in Governance, Risk, and Compliance (GRC) and deep experience in network protection. You’ll lead efforts to secure systems, ensure regulatory alignment, and identify potential vulnerabilities across company infrastructure. This role emphasizes collaboration, compliance, and continuous threat analysis to safeguard organizational assets and data. The ideal candidate for this position will be CISSP-certified, highly proficient with Splunk, and comfortable scripting in one or more languages such as Python, PowerShell, or JavaScript.

Your role:

• Build, manage, and evolve cybersecurity compliance programs and supporting documentation including SSPs, POAMs, and TCPs.
• Monitor adherence to security frameworks such as NIST 800-171, CMMC, and DFARS, and lead audit readiness activities.
• Integrate PCI-DSS compliance requirements into existing cybersecurity frameworks and ensure continuous alignment with industry standards.
• Conduct assessments of internal systems and vendor environments to identify and address potential risks.
• Monitor and investigate security events across the network, applying logs and threat intelligence to detect anomalies.
• Oversee incident response efforts, identify root causes, and coordinate corrective actions to prevent recurrence.
• Evaluate and improve network security architecture, recommending updates based on emerging threats.
• Collaborate with business and IT teams to ensure security controls align with operational goals.
• Develop clear reports and metrics to communicate risk posture, audit results, and compliance progress to leadership.
• Assist in drafting and enforcing cybersecurity policies and awareness training initiatives across the organization.
• Conduct vendor risk reviews to assess third-party security practices and ensure they meet company standards.

What you’ve got:

• 5–7 years of hands-on experience in cybersecurity, with a focus on GRC and enterprise network security.
• 5–7 years of hands-on admin-level experience in Splunk, including architecture, deployment, and log ingestion strategies, with a strong focus on automation and scalability.
• CISSP Certification Required
• Strong understanding of regulatory frameworks such as NIST, CMMC, and DFARS.
• Background in managing risk assessments, security audits, and compliance reporting.
• Proficiency in identifying vulnerabilities, managing incident response, and performing forensic investigations.
• Familiarity with modern network defense tools and threat detection systems.
• Working knowledge of Microsoft 365 tools and environments.
• Experience working with both internal teams and third-party vendors to enforce security best practices.
• Excellent communication skills with the ability to explain technical concepts to non-technical audiences.
• Comfortable balancing multiple priorities and working independently in a fast-paced setting.
• Bachelor’s degree in Cybersecurity, Information Systems, or a related field (or equivalent experience).
• Relevant certifications such as CEH, GCIH, CISM, or similar are preferred.

To find more great tech-centric jobs, please visit www.phoenixstaff.com.