Security Analyst / ISSO
Tasks
- Assess NIST SP 800 171 controls
- Conduct access control audits and enforce least privilege
- Conduct vendor and third-party risk assessments
- Coordinate with C3PAO and manage assessment findings
- Define track and report security metrics and KPIs
- Develop and maintain cybersecurity policies and standards
- Enforce device compliance with MDM
- Enforce security baselines with Group Policy
- Investigate detections and coordinate incident response
- Maintain CUI system boundary asset inventory
- Maintain organizational risk register
- Manage security awareness training and phishing simulations
- Map controls to CMMC requirements
- Monitor EDR alerts for CUI endpoints
- Monitor SIEM and triage security events
- Own and maintain Plan of Action and Milestones
- Own and maintain System Security Plan
- Prepare evidence packages for CMMC Level 2 assessments
- Produce post incident reports with compliance impact
- Support DFARS contract cybersecurity requirements
- Support Risk Management Framework processes
- Track vulnerability remediation status
- Write and tune SIEM detection rules
Perks/Benefits
Skills/Tech-stack
800-171 | AWS | Access Control | Active Directory | Assessment evidence | Asset Management | Audit Log | Audit Log Aggregation | Awareness Training | C3PAO | CMMC Assessment Evidence | CMMC Level 2 | CMMC assessment | CUI | CloudTrail | DFARS 7012 | Detection rules | EDR | GDPR | GRC | Group Policy | GuardDuty | IAM | IT Asset Management | Incident Response | Least Privilege | Level 2 | Log Aggregation | Log Querying | MDM | NIST RMF | NIST SP | NIST SP 800 | NIST SP 800-171 | POA M | Phishing Simulations | Risk Management | Risk register | SIEM | SOC 2 | SOC 2 Type II | SP 800-171 | SSO | SSP | SaaS security | Security Awareness Training | Security awareness | Security metrics | Third Party | Third-Party Risk | Third-party risk management | Vulnerability Management
Education
N/A
Related jobs
-
Sr. Security Compliance Specialist USD 132K-195KAudit evidence | Audit management | Automation | Compliance metrics | Control Testing401k matching | Basic life insurance | Commuter benefits match | Disability insurance | Employer wellness expense reimbursementSenior-level Full TimeUnited States - Remote R12h ago
-
Manager IT Security Engineering, Ford Energy USD 97K-153K365 Security | AI assisted security operations | AI-assisted Security | Access Management | Asset ManagementCommunity service paid time off | Employee resource groups | Flexible family care days | Medical, dental & vision coverage | Option to purchase additional vacation timeMid-level Full TimeGlendale, KY, United States R14h ago
-
Access Control | Compliance Management | Employee Onboarding | Employee supervision | Google Suite401k employer match | Coaching and mentoring opportunities | Employee assistance program | Employer HSA contribution | Employer-paid insuranceMid-level Full TimeKirkland, WA R15h ago
-
Senior Security Compliance Engineer USD 146K-195K800-53 | Audit management | Awareness Training | CIS Controls | Continuous Control MonitoringPeriodic travel | Remote workSenior-level Full TimeRemote (United States); Canada R16h ago
-
Sr. SOC Security Engineer II USD 125K-140KAWS | Automation | Azure | CIS Controls | Cause analysis401k match | Dental insurance | Educational assistance | Flexible work schedule | Health insuranceSenior-level Full TimeWashington DC R18h ago
-
Executive-level Full TimeRemote R19h ago
-
Staff Threat Detection Engineer USD 175K-240KAWS | Alert triage | Automation | Bash | Cloud loggingSenior-level Full TimeRemote - USA R21h ago
-
Security Engineering Manager USD 170K-200KAutomation workflows | CIS Critical Security Controls | Cloud Security | Critical Security Controls | Cybersecurity FrameworkOn-call support | Remote workMid-level Full TimeWork from home, VA, United States R21h ago
-
Senior Security Engineer, Docker Desktop EUR 113K-186KAccess Management | AppArmor | Authentication | Authorization | BuildKitEquity | Home office setup | Medical benefits | PTO | Paid parental leaveSenior-level Full TimeCanada R22h ago
-
Incident Response | Log Analysis | MITRE ATT&CK | Malware analysis | SIEMCareer development opportunities | Community involvement | Employee council CSE | Health insurance | Meal vouchersMid-level Full TimeCourbevoie, IDF, France R23h ago
-
Summer Internship - Security Engineering USD 50K-50KAWS | Access Control | Authentication | Azure | BashCollaborative team environment | Hands On Security Engineering Experience | Remote-first cultureEntry-level InternshipRemote, United States R1d ago
-
AI RMF | API | Agent Orchestration | Application Security | ClaudeMeal vouchers | Remote work | Telework allowance | Transport allowanceEntry-level Apprenticeship Part TimeBois-Colombes, IDF, France R1d ago
-
Security Operations Lead EUR 42K-84KAPI Integration | Bash | Data Loss Prevention | Data loss | Event managementSenior-level Full TimeCroatia R1d ago
-
Access Control | Cloud Security | Contract Analysis | Contract Drafting | CybersecurityHybrid work model | On-call availability | Remote work flexibilityMid-level Full TimePhilippines - Manila R1d ago
-
Sr. Blue Team Analyst USD 166K-333KAlerting | Cyber Threat | Cyber Threat Intelligence | Detection engineering | Event managementMentoring | Ongoing training | Remote workSenior-level Full TimeUnited States R1d ago
-
Sr. Blue Team Analyst CAD 191K-191KDetection engineering | Event management | Event triage | Incident Response | Log MonitoringMentoring opportunities | Ongoing training | Remote workSenior-level Full TimeCanada R1d ago
-
SOC Analyst EUR 43K-69KCloud Identity | Cloud infrastructure | Cloud infrastructure basics | Detection Systems | Endpoint indicatorsAdditional leave days | Flexible working hours | Home office | Personal coaching | Remote workMid-level Full TimeGreece - Remote R1d ago
-
Security Engineer, Solna/Hybrid SEK 450K-547KAutomated playbooks | Azure Sentinel | Disaster Recovery | Disaster Recovery Planning | Forensic InvestigationHealth and wellness allowance | Hybrid work | Occupational insurance | Pension plan | Training accessMid-level Full TimeSolna R1d ago
-
Director, Field Security (Remote Eligible) USD 235K-315K800-53 | Customer security | FedRAMP | FedRAMP Moderate | GRC401k match | Dental insurance | Flexible time off | Health insurance | Life insuranceExecutive-level Full Time-REMOTE, USA- R1d ago
-
IAM Gov & Controls Analyst USD 68K-86KAccess Certifications | Access Control | Access Management | Deprovisioning | Directory Services401k match | Dependent care FSA match | Gym and fitness reimbursement | Health Savings Account contribution | Medical, dental, and vision insuranceMid-level Full TimeRemote, United States R1d ago
-
Information Security Officer USD 148K-200KAPI Security | AWS | AWS Config | AWS Well Architected | AWS Well-Architected Security PillarPeriodic travel | Remote workSenior-level Full TimeRemote (United States); Canada R1d ago
-
GRC Engineer INR 2800K-4000KAWS | CI/CD | Cloud Security | Git | IAMFlexible location | Remote workSenior-level Full TimeVirtual Office (Tamil Nadu), India R1d ago
-
Compliance Product Owner INR 1000K-1820KAWS | Access Management | Application Security | Awareness Training | AzureMid-level Full TimeNoida, India R1d ago
-
AWS | Access Management | Automation | Azure | CI/CDEmployee networks | Employee volunteer opportunities | Paid adoption leave | Paid parental leave | Professional development opportunitiesSenior-level Full TimeAUS WA Remote, Australia R1d ago
-
Strategic Advisory Services Consultant (Remote) USD 115K-160KBusiness Risk Analysis | Business risk | CSIRT | Communications | CybersecurityEmployee networks | Office amenities | Paid adoption leave | Paid parental leave | Professional development opportunitiesSenior-level Full TimeUSA TX Remote, United States R1d ago