Security Analyst / ISSO
Tasks
- Assess NIST SP 800 171 controls
- Conduct access control audits and enforce least privilege
- Conduct vendor and third-party risk assessments
- Coordinate with C3PAO and manage assessment findings
- Define track and report security metrics and KPIs
- Develop and maintain cybersecurity policies and standards
- Enforce device compliance with MDM
- Enforce security baselines with Group Policy
- Investigate detections and coordinate incident response
- Maintain CUI system boundary asset inventory
- Maintain organizational risk register
- Manage security awareness training and phishing simulations
- Map controls to CMMC requirements
- Monitor EDR alerts for CUI endpoints
- Monitor SIEM and triage security events
- Own and maintain Plan of Action and Milestones
- Own and maintain System Security Plan
- Prepare evidence packages for CMMC Level 2 assessments
- Produce post incident reports with compliance impact
- Support DFARS contract cybersecurity requirements
- Support Risk Management Framework processes
- Track vulnerability remediation status
- Write and tune SIEM detection rules
Perks/Benefits
Skills/Tech-stack
800-171 | AWS | Access Control | Active Directory | Assessment evidence | Asset Management | Audit Log | Audit Log Aggregation | Awareness Training | C3PAO | CMMC Assessment Evidence | CMMC Level 2 | CMMC assessment | CUI | CloudTrail | DFARS 7012 | Detection rules | EDR | GDPR | GRC | Group Policy | GuardDuty | IAM | IT Asset Management | Incident Response | Least Privilege | Level 2 | Log Aggregation | Log Querying | MDM | NIST RMF | NIST SP | NIST SP 800 | NIST SP 800-171 | POA M | Phishing Simulations | Risk Management | Risk register | SIEM | SOC 2 | SOC 2 Type II | SP 800-171 | SSO | SSP | SaaS security | Security Awareness Training | Security awareness | Security metrics | Third Party | Third-Party Risk | Third-party risk management | Vulnerability Management
Education
N/A
Related jobs
-
Security Operations Engineer PLN 216K-255KAWS | Azure | Bash | DORA | KQLGroup insurance | Home-office equipment | Hybrid work | Integration events | Private medical careMid-level Full TimePoznan, PL, 60-198 R16h ago
-
Manager, Enterprise Security Engineering USD 129K-220KAWS CDK | CI/CD | Cloud Security | Endpoint Security | GoMid-level Full TimeRemote R21h ago
-
Staff Security Engineer, Proactive Security USD 193K-285KAWS | Access Management | CI/CD | Cause analysis | Distributed Systems11 paid holidays | 401k matching | Commuter benefits match | Dental insurance | Disability insuranceSenior-level Full TimeUnited States - Remote R21h ago
-
Business Information Security Officer EUR 42K-70KCIS Controls | Cloud Security | Compliance Management | Cybersecurity | DevSecOpsCompany pension | Dental care | Employee assistance program | Flexible working hours | Group accident insuranceSenior-level Full TimePoing, Germany R22h ago
-
Senior CSOC Engineer USD 142K-201KAPI Integration | CI/CD | Cloud platform | Docker | Event Driven401k match | Dental insurance | Disability insurance | Employee assistance program | Employee stock purchase planSenior-level Full TimeNew York City, NY; San Francisco, … R1d ago
-
Access Management | Application Security | Audit Logging | CCPA | Certificate managementRemote workMid-level Full TimeUS, Remote R1d ago
-
Principal Architect - Security USD 158K-227KAI Governance | Access Control | Azure Policy | Azure Security | Compliance401k match | Employee assistance program | Employer health insurance options | Flexible remote work | Healthcare FSA HSA dependent care FSASenior-level Full TimeRemote - US R1d ago
-
Security Operator EUR 45K-59KFirmware Updates | Incident Response | Microsoft 365 | Microsoft Defender | Patch ManagementRemote work support | Weekly onsite in ValenciaSenior-level Full TimeValencia, Spain R1d ago
-
Staff DevOps Security Engineer BRL 340K-390KAWS | Amazon ECS | Amazon EKS | Amazon SageMaker | AutoscalingEquity | Hybrid work environmentSenior-level Full TimeRemote - LATAM R1d ago
-
Security Engineer (Contract) CAD 76K-96KAWS | Application Security | Application Security Testing | Bash | CASBMid-level ContractCanada - Remote R1d ago
-
Year-Round IT Co-op, Cybersecurity USD 38K-38KCybersecurity | Incident Management | Information security | Microsoft Office | Presentation deliveryFlexible schedule | Fully remote | Long term opportunity | No travel requiredEntry-level Full TimeCleveland, OH, United States R1d ago
-
Security Engineer [IC3] USD 72K-144KApplication Security | Application Security Testing | Cloud platform | Container Security | Elastic StackMid-level Full TimeRemote R1d ago
-
Security Analyst (Contract) USD 76K-96KAWS | Application Security | Bash | CASB | CI/CDContract position | Supportive collaborative teamMid-level ContractMexico - Remote R1d ago
-
AI Coding Assistants | AI coding | Agent Frameworks | Automation | Coding assistantsAnnual company retreats | Generous time off | Quarterly meetups | Remote-friendly culture | Thursday socialsSenior-level Full TimeThe Hague - hybrid R1d ago
-
Head of IT Infrastructure and Security USD 190K-234KAI Governance | AWS | Access Management | Business Continuity | CCPACollaborative work environment | Employee referral program | Life insurance | Medical insurance | Paid time offExecutive-level Full TimeAPAC R1d ago
-
(Senior) Detection & Response Lead (all genders) EUR 63K-71KAWS | CI/CD | CI/CD Security | Correlation rules | Data QualityDog-friendly offices | Fitness membership subsidy | Flexible working hours | Home-office allowance | Hybrid work setupSenior-level Full TimeBerlin, Germany; Hamburg, Germany R1d ago
-
Senior Cybersecurity Compliance Analyst USD 117K-170K800-171 | 800-53 | Archer | Audit Readiness | CMMC401k | Dental insurance | Education assistance | Health insurance | Life insuranceSenior-level Full TimeVirtual R1d ago
-
Security Consultant (w/m/d) - intern - EUR 58K-68KAccess Management | Cloud Security | ISMS | Identity and Access Management | Identity and accessCertificate support | Home office | Mentoring program | Remote work | Training supportEntry-level Full Time InternshipBöblingen & Remote R1d ago
-
Cyber Security Analyst USD 90K-124KAccess Control | Barracuda Email Security | DLP | Detection rules | Digital forensicsMid-level Full TimeRemote - Kuwait City, Kuwait City, … R1d ago
-
Penetration Tester EUR 39K-67KAPI Security | ASP | AWS | Active Directory | Application SecurityCareer progression | Certification support | International team | Lab access | Learning and developmentMid-level Full TimeDublin, Dublin, Ireland (Hybrid) R1d ago
-
SOC Analyst EUR 43K-67KAlert analysis | Cybersecurity | DNS | EDR | ELKAdditional leave days | Flexible working model | Home office | Mentoring | Paid training daysMid-level Full TimeGreece - Remote R1d ago
-
Security Architect USD 150K-160K800-53 | Architecture Reviews | Azure Native | Azure Native Services | CISA Directives100 percent remote work | Health insurance coverageSenior-level Full TimeRemote / Telework, United States R1d ago
-
Access Management | Active Directory | Enterprise access management | IT Security | Microsoft DefenderContinuous learning opportunities | Flexible work models | Onboarding | Social benefits | Team eventsMid-level Full TimeHybrid R1d ago
-
AD Audit | Active Directory | Microsoft PKI | PKI | PatchingFlexible work models | Home office | Onboarding | Social benefits | Team eventsMid-level Full TimeHybrid R1d ago
-
Active Directory | Entra ID | Microsoft AADC | Microsoft Entra | Microsoft Entra IDFlexible work model | Home office | Onboarding | Social benefits | Team eventsMid-level Full TimeHybrid R1d ago