Analyst III, Cybersecurity

About The Position

Requirements

• Bachelor’s degree in computer science, Information Technology, or a related field.
• Basic understanding of cybersecurity principles and tools.
• Familiarity with networking concepts and security protocols.
• Typically, five years of experience in a Cybersecurity role required.
• Certifications such as CompTIA Security+, CEH, or equivalent.
• Knowledge of SIEM tools and incident response procedures.
• Knowledge of relevant regulations and compliance frameworks (e.g., NIST, ISO 27001).

Nice To Haves

• Hands-on experience with security platforms including Tenable (vulnerability management), Splunk (SIEM/log analysis), CrowdStrike (endpoint detection and response), and enterprise Governance, Risk, and Compliance (GRC) platforms
• Demonstrated experience in third-party risk management (TPRM), including vendor security assessments, risk scoring, and ongoing monitoring
• Proven track record conducting software evaluations and tool assessments to support security program needs
• Experience with vendor management activities, including security questionnaire review, contract security requirements, and vendor onboarding processes
• Familiarity with vendor risk assessment frameworks and methodologies (e.g., SIG, CAIQ, custom questionnaires)
• Experience managing relationships with third-party vendors and service providers from a security perspective
• Advanced certifications beyond CompTIA Security+ and CEH, such as CISSP, CISM, or vendor-specific certifications (Splunk, CrowdStrike, etc.)
• Experience with security frameworks such as NIST Cybersecurity Framework, ISO 27001, or SOC 2
• Strong analytical and communication skills with the ability to translate technical security findings for business stakeholders

Responsibilities

• Execute risk management programs through planning, developing, coordinating, and implementing information technology disaster recovery and business continuity planning.
• Perform, assist, and review technical risk assessments and reviews of new and existing applications and systems, networks, servers, including data center physical security and environmental controls.
• Assist in conducting IT audits to ensure information systems security policies and procedures are being implemented as defined in security plans and best practices.
• Perform basic analyses to validate established security requirements and may recommend additional security requirements and safeguards.
• Prepare technical and security reports by collecting, analyzing, and summarizing project information.
• Monitor project progress by tracking activity, resolving problems, publishing progress reports, recommending actions.
• Develop and recommend plans to safeguard computer/server/network configurations and data files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
• Support and manage information security and risk management awareness and training programs.
• Assist with reviews of special investigations, internal audits, research studies to provide direction and guidance.
• Work with team members to design and oversee server-side elements of network infrastructure, including installing network-wide malware protection software, configuring firewalls, and configuring databases and access on the back end.
• Analyze vulnerability scans of information systems and assist in remediation tasks.
• Maintain professional demeanor and behavior at all times in all forms of communication.
• Perform other duties as assigned by manager.
• Execute the core tasks and responsibilities, listed in the Job Profile Task/Responsibilities section of this document, with minimal supervision.

Benefits

• 401K plan with an employer match
• Medical/Dental /Vision Insurance
• Life and Disability Insurance
• Paid Time Off
• Tuition Reimbursement/Professional Development policy