Cybersecurity Analyst

As a critical member of our cybersecurity team candidate will be required to support security compliance & control implementation, including: assisting in maintenance of organizational compliance with NIST SP 800-171 and CMMC Level 2 requirements; supporting the documentation, assessment, and implementation of required security controls; participating in gap analyses and tracking remediation efforts to close compliance deficiencies; developing and update System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and other related artifacts. Security monitoring and incident response support includes monitoring security tools and dashboards (e.g., SIEM, EDR, IDS) for suspicious activity, unauthorized access, or potential threats; assisting in the detection, triage, analysis, and escalation of security incidents following defined protocols; supporting forensic investigations and maintain documentation of incidents and responses. Risk management and vulnerability assessments support includes conducting periodic risk assessments, vulnerability scans, and patch verification to identify and mitigate risks to systems and data, Tracking and reporting on remediation of vulnerabilities in coordination with IT and system owners. Security operations & continuous monitoring support includes performing routine reviews of system and security logs to ensure continuous monitoring of systems for compliance, maintaining and enforcing baseline security configurations for assets in both on-prem and cloud environments. Policy and procedure development support includes supporting the creation and maintenance of cybersecurity policies, plans and procedures; ensuring documentation aligns with current compliance frameworks and business requirements. Training and awareness support includes assisting in the delivery of security awareness training and phishing simulation campaigns across the organization; Educating staff on proper handling of sensitive information and secure computing practices. Audit and assessment support includes supporting internal and external cybersecurity audits, assessments, and readiness reviews; assisting with data collection, evidence gathering, and control walkthroughs during audits.