Security Analyst / ISSO
Tasks
- Assess NIST SP 800 171 controls
- Conduct access control audits and enforce least privilege
- Conduct vendor and third-party risk assessments
- Coordinate with C3PAO and manage assessment findings
- Define track and report security metrics and KPIs
- Develop and maintain cybersecurity policies and standards
- Enforce device compliance with MDM
- Enforce security baselines with Group Policy
- Investigate detections and coordinate incident response
- Maintain CUI system boundary asset inventory
- Maintain organizational risk register
- Manage security awareness training and phishing simulations
- Map controls to CMMC requirements
- Monitor EDR alerts for CUI endpoints
- Monitor SIEM and triage security events
- Own and maintain Plan of Action and Milestones
- Own and maintain System Security Plan
- Prepare evidence packages for CMMC Level 2 assessments
- Produce post incident reports with compliance impact
- Support DFARS contract cybersecurity requirements
- Support Risk Management Framework processes
- Track vulnerability remediation status
- Write and tune SIEM detection rules
Perks/Benefits
Skills/Tech-stack
800-171 | AWS | Access Control | Active Directory | Assessment evidence | Asset Management | Audit Log | Audit Log Aggregation | Awareness Training | C3PAO | CMMC Assessment Evidence | CMMC Level 2 | CMMC assessment | CUI | CloudTrail | DFARS 7012 | Detection rules | EDR | GDPR | GRC | Group Policy | GuardDuty | IAM | IT Asset Management | Incident Response | Least Privilege | Level 2 | Log Aggregation | Log Querying | MDM | NIST RMF | NIST SP | NIST SP 800 | NIST SP 800-171 | POA M | Phishing Simulations | Risk Management | Risk register | SIEM | SOC 2 | SOC 2 Type II | SP 800-171 | SSO | SSP | SaaS security | Security Awareness Training | Security awareness | Security metrics | Third Party | Third-Party Risk | Third-party risk management | Vulnerability Management
Education
N/A
Related jobs
-
Senior Analyst, Cyber Threat Intelligence Fusion USD 85K-150KAutomation | Cyber Kill Chain | Cyber Threat | Cyber Threat Intelligence | Dark Web401k matching | Employee assistance program | Employee discounts | Paid Holidays | Paid time offSenior-level Full TimeCharlotte, NC, 500 Woodward Avenue, MI, … R4h ago
-
Access Control | Application Firewall | Authentication | CI/CD | CheckovCareer growth | Collaborative & Inclusive Culture | Continuous learning | Country specific employee benefits | Flexible work scheduleMid-level Full TimeIreland R12h ago
-
Access Control | Authentication | CI/CD | Checkov | CloudflareCareer growth | Collaborative culture | Continuous learning | Coworking access | Employee benefits programsMid-level Full TimeFrance R12h ago
-
Access Control | Application Firewall | Authentication | CI/CD | CheckovEmployee benefits program | Flexible work schedule | Fully remote work | Optional coworking access | Stock grant opportunitiesMid-level Full TimeSpain R12h ago
-
Cybersecurity | Endpoint protection | Incident Response | Network Monitoring | Penetration TestingFlexible working environment | Remote workMid-level Full TimeSouth Africa, South Africa R13h ago
-
Senior Product Security Engineer INR 3700K-4600KAI Agents | API Security | AWS | Authentication | AuthorizationCareer development | ESG initiatives | Headspace access | Hybrid work model | Mental health daysSenior-level Full TimeIndia, Bengaluru, Karnataka R17h ago
-
Principal Engineer - CyberArk | On-site, Bangalore INR 2000K-3500KAccess Management | Active Directory | CyberArk | JavaScript | LDAP24 7 support shift flexibility | Professional training resources | Volunteer opportunities | Work from Office | Work-life balanceSenior-level Full TimeBangalore, India R17h ago
-
Senior Detection and Response Engineer USD 243K-295KAlert triage | Cloud Security | Container Security | Data Pipelines | Detection engineeringEquity compensation | Health and wellness benefits | Onsite/Hybrid scheduleSenior-level Full TimeSan Mateo, CA, United States R18h ago
-
Security Services Specialist USD 110K-160K24 7 monitoring | AI Security | AI security automation | Access Management | CISFull-time employment | Remote/hybrid workSenior-level Full TimeRemote (United States) R20h ago
-
Sr. Security Engineer 1 (Customer Trust) USD 145K-193K800-53 | AWS | CASB | CCSP | CI/CD401k match | Dental insurance | Flexible time off | Health insurance | Life insuranceSenior-level Full TimeBellevue, WA, USA R20h ago
-
Security Services Specialist USD 110K-160K24x7 monitoring | API Security | Application Security | CIS | CSPMSenior-level Full TimeChicago, IL R20h ago
-
Director, Security Operations GBP 98K-131KAI Assisted Triage | Automation | CSIRT | Cloud Security | Cyber DefenseComprehensive health coverage | Employee assistance program | Employee recognition | Flexible paid time off | Home office setup supportExecutive-level Full TimeRemote - UK R20h ago
-
Senior-level Full TimeRemote - Ireland R21h ago
-
Senior-level Full TimeRemote - United Kingdom R21h ago
-
GRC Analyst PLN 140K-190KAI Act | Access Management | Audit management | Awareness Training | Control monitoringCo-working space access | Company retreat | Fully remote | Learning budget | Private medical insuranceMid-level Full TimePoland R21h ago
-
IAM Analyst USD 103K-120KAccess Administration | Access Controls | Access Management | Access Request Review | Access request401k match | ADandD Coverage | Adoption reimbursement | Dental coverage | Education reimbursementMid-level Full TimeRemote - United States R21h ago
-
Security Architect - Northeast region USD 110K-160KAccess Management | Cloud Security | DLP | Data Loss Prevention | Data lossCorporate holidays | Dental insurance | Flexible time off | HSA | Health allowanceSenior-level Full TimeRemote R21h ago
-
AI Security | Application Security | Cloud Security | Configuration Drift | Configuration Drift Detection401k | Medical/Dental/Vision insurance | Paid time off | Short term incentive program eligibleMid-level Full TimeCharlotte, NC, United States R22h ago
-
Director, Field Security USD 204K-255KCompliance Management | Container Security | Diligence Questionnaires | Due Diligence | Due Diligence QuestionnairesHybrid workExecutive-level Full TimeRaleigh, North Carolina, USA R22h ago
-
Manager, Security Engineering, Cloud & AppSec USD 149K-185KAWS | AWS WAF | Access Control | Architecture Review | Argo CDDental insurance | Equity package | Flexible vacation policy | Health insurance | Hybrid remote workMid-level Full TimeUS, Remote R22h ago
-
Staff Engineer, Identity & Access Management (IAM) USD 180K-212KABAC | Access Management | Active Directory | Adaptive Authentication | Amazon Web ServicesAnnual bonus | Comprehensive benefits package | Equity compensation | Remote work eligibilitySenior-level Full TimeSalt Lake City, Utah R23h ago
-
800-53 | ACAS | Assessment and Authorization | Configuration Management | Control Implementation401k plan | Dental insurance | Disability Leave | Employee assistance program | Flexible savings accountSenior-level Full TimeWashington, DC, United States R1d ago
-
800-53 | ACAS | Assessment and Authorization | Compliance documentation | Control ImplementationMid-level Full TimeWashington, DC, United States R1d ago
-
Director of Information Security & AI Governance GBP 100K-120KAI Governance | Agentic Workflows | Governance Risk | Governance Risk and Compliance | ISO 27001Enhanced parental leave | Flexible benefits budget | Hybrid working | Income protection | Learning and development budgetExecutive-level Full TimeLondon R1d ago
-
Cybersecurity Tanium SME (R-00162) USD 77K-197KACEM | Attack surface | Attack surface management | Compliance | Data Analysis401k match | Cell phone reimbursement | Home internet reimbursement | Medical coverage | Paid HolidaysMid-level Full Time100% Remote R1d ago