Cybersecurity Analyst

JMA makes 5G possible for organizations with the most critical connectivity demands in the world. From its global tech centers, JMA is ushering in a new era of connectivity for leading mobile carriers, the most iconic stadiums, major universities, leading healthcare facilities, and the busiest transit centers. 5G is more than another G on your phone — it is a generational opportunity to change the way the world operates. Join the industry’s fastest growing technology company to shape that future today. 
We are seeking a skilled Cybersecurity Analyst to join our team. The successful candidate will be responsible for supporting and maintaining our enterprise Cybersecurity Management Program including but not limited to specific activities pertaining to: Vulnerability Management, IT/IS Risk Management, and Cybersecurity Supplier/3rd Party Risk Management. This role requires an organized individual with a strong technical background, fluency in English, and the ability to adapt to and document the existing IT/Cybersecurity environment. 

Responsibilities:

• Monitoring JMA systems (servers, computers, network infrastructure etc.) for vulnerabilities and security issues. Manage and maintain a Vulnerability Management Plan and supporting documentation. Assist the Infrastructure team on vulnerability mitigation activities such as patch management or security hardening protocols. 
• Conducting Risk Management activities including but not limited to, risk assessments, control auditing and monitoring, documenting risk reporting, and tracking risk response (e.g., treatment and mitigation) activities.  
• Conducting Cybersecurity Supply Chain Risk Management activities including but not limited to identifying, assessing, selecting, and implementing processes and mitigating controls across the enterprise to help manage cybersecurity risks throughout the JMA supply chain. 
• Responding to Cybersecurity Supply Chain Risk Management activities such as customer request for information (RFI) or request for purchase (RFP) related activities. Complete cybersecurity vendor evaluation forms on behalf of JMA. 
• Creating, managing, and maintaining Cybersecurity Program Documentation including but not limited to: System Security Plans (SSP)s, Key Performance Indicators (KPIs), Standard Operating Procedures (SOPs), Plans of Action and Milestones (POA&Ms), and other security-related artifacts. 
• Ability to interpret ISO 27001, SOC2 Type 2, CMMC, NIST Cybersecurity Framework (CSF) or other NIST controls and evaluate current compliance, identify technical solutions to achieve compliance, and test solutions for compliance. 
• Support the investigation of potential security breaches and other cybersecurity incidents and writing detailed incident response reports. 
• Collaborate with other IT team members, R&D, and Engineering departments to optimize cybersecurity. 
• Stay updated with the latest industry trends and technologies to continually improve our cybersecurity posture. 

Skills & Experience:

• Strong understanding of industry standards and best practices in cybersecurity. 
• Experience with vulnerability management tools (e.g., Nessus, Tenable, Qualys) and/or patch management tools (e.g., Automox, RMM, etc.) is a plus. 
• Experience with the National Institute of Standards and Technology (NIST) special publications including NIST Risk Management Framework (RMF), Cybersecurity Framework (CSF), NIST SP 800-53, NIST SP 800-37, NIST SP 800-171, NIST SP 800-161is a plus. 
• Fluent in English, both written and spoken. 
• Excellent organizational skills with the ability to create and maintain detailed documentation. 
• Strong problem-solving skills and the ability to adapt to a dynamic IT/Cyber environment. 
• Relevant certifications (e.g., CISA, CompTIA Security+, CISSP) are a plus. 
• Experience in Wireless Telecommunications industry and ORAN 3GPP protocols is a plus. 

#LI-AC1
At JMA, we don’t just accept differences — we embrace them. JMA is proud to be an equal opportunity workplace. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristic.