IT Security Analyst 2 - Remote (Redwood City, CA)
Posted 3 hours ago USD 58.22 - 76.53 / hour
Job Title: IT Security Analyst 2
Location: Remote; Redwood City, CA 94063
Duration: 3 Years
Remote Work
This position is eligible for permanently remote work but keep the following in mind: our team operates on Pacific Time, and we adjust salary based on regions of the country. You may be expected to come onsite but generally expect that to be no more than a few days each quarter.
Summary
In this essential position, you will lead initiatives to protect our digital resources, developing and implementing innovative security strategies to effectively mitigate risks. Your expertise will contribute to our mission of maintaining a secure and resilient environment for education, research, and healthcare.
Job Responsibilities
- In this role, you will support the research community by providing support and guidance on information security matters. You will collaborate with local IT groups and Research Computing to help implement and improve security measures that meet NIST 800-171 standards.
- Your main responsibilities will include helping to execute a strategy that prepares the client for an increasing number of security audits and changing regulatory requirements, particularly focusing on the Cybersecurity Maturity Model Certification (CMMC) and NIST 800-171 standards. This will involve helping to assess the client's current security practices and identifying any gaps that could affect compliance. You will assist in implementing best practices and guidelines to strengthen cybersecurity measures and support audit preparations.
- You will also play a key role in developing an awareness and training program aligned with NIST to educate the organization to foster a culture of security awareness and responsibility.
- Assist in the preparation and implementation of the NIST readiness project, ensuring alignment with NIST frameworks and guidelines to improve the organization's security posture.
- Collaborate in developing and executing a comprehensive strategy to prepare the client for security audits and regulatory requirements, with a particular focus on the Cybersecurity Maturity Model Certification (CMMC).
- Support the assessment and implementation of security controls in accordance with NIST standards, assisting in identifying gaps and recommending corrective actions.
- Develop and deliver an awareness and training program aligned with NIST to educate the organization.
- Collaborate in the review and update of security policies and procedures to ensure they meet NIST requirements and reflect best practices in cybersecurity.
- Support the monitoring of security controls and risk management practices, regularly evaluating the effectiveness of existing security measures.
- Help prepare and maintain documentation related to security policies, procedures, and compliance efforts, including risk assessments and operational reports.
- Collaborate with cross-functional teams, including IT, Finance, Human Resources, and Legal, to integrate information security into the organization's overall risk management program.
- Keep abreast of industry trends, emerging threats, and evolving regulatory requirements to inform security practices and compliance strategies.
- Perform any other related duties assigned to support the organization's information security program.
- Well-rounded, critical thinker with a bachelor's degree (or equivalent experience).
- A minimum of three years of experience in information security, risk management, or compliance.
- Experience in information security, risk management, and compliance.
- Knowledge of industry standards and regulations, particularly NIST & HIPAA.
- Strong analytical and problem-solving skills, with the ability to identify and assess security risks.
- Exposure to security audits, risk assessments, or vulnerability assessments.
- Knowledge of security technologies such as encryption, firewalls, intrusion detection systems, and SIEMs.
- Experience with working as part of a team in cybersecurity, information security, assurance or related fields.
- Ability to express complicated, highly technical information using accessible language, proficiently in English, to a wide variety of audiences with varying degrees of technical savviness.
- Ability to stay up to date with the latest security threats, technologies, and industry regulations.
- Knowledge of ISO 27001 and PCI DSS.
- Security+ or other professional cybersecurity certifications.
- Proficiency in setting up and managing a learning management system (LMS), including course creation and configuration.
- Prior work in a highly-regulated industry or higher education.

