Negotiable
Summary: The Cybersecurity Analyst role focuses on safeguarding enterprise healthcare IT systems by monitoring, detecting, and responding to security events. The position requires conducting vulnerability assessments, implementing security controls, and ensuring compliance with federal security policies. The analyst will collaborate with various teams to enhance security measures and develop training programs. This is a long-term contract position with a remote working arrangement.
Key Responsibilities:
- Monitor SIEM tools, dashboards, and alerts for threats, anomalies, or suspicious activities.
- Perform triage, containment, eradication, and recovery as part of the incident response process.
- Conduct root cause analysis and provide documentation with recommendations for prevention.
- Conduct regular vulnerability scans and work with system/application owners to remediate findings.
- Participate in security risk assessments and risk management reviews.
- Ensure compliance with federal mandates and healthcare security frameworks (FISMA, NIST 800-53, FedRAMP, HIPAA, OMB).
- Prepare and maintain documentation for Authority to Operate (ATO), POA&Ms, and continuous monitoring reports.
- Support deployment, tuning, and optimization of security tools (SIEM, endpoint protection, IDS/IPS, vulnerability management, DLP).
- Recommend enhancements to security posture, processes, and automation.
- Assist in developing security awareness and training programs.
- Participate in tabletop exercises, security drills, and audits.
- Work closely with IT, applications, and network teams to embed security throughout system lifecycles.
Key Skills:
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
- 3+ years of hands-on experience in cybersecurity or information security roles.
- Strong background in security monitoring, incident response, and vulnerability management.
- Familiarity with NIST 800-53, RMF, CIS Controls, HIPAA, and federal compliance requirements (FISMA, FedRAMP).
- Excellent analytical, problem-solving, and documentation skills.
- U.S. Citizenship required (federal contract requirement).
- Industry certifications such as Security+, CEH, CySA+, CISSP (or in progress).
- Hands-on experience with SIEM platforms (Splunk, Microsoft Sentinel), endpoint security, and cloud security controls (AWS, Azure).
- Knowledge of scripting/automation (PowerShell, Python) for security analysis and reporting.
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT