Federal Cyber Security Analyst
About The Position
The Federal Cyber Security Analyst (FCSA) will be responsible for architecting, developing, and implementing solutions that help Rhymetec's clients achieve, manage and measure security metrics and compliance requirements. The role will work closely with their team to help design and deliver security and compliance objectives and have the ability to help drive foundational changes in internal cloud platforms to enhance their security posture. The ideal candidate will have a team first mentality and fit within the core values and culture at Rhymetec, along with project management experience and knowledge with customized compliance road maps for clients. This person will be responsive to both customers and team members with communications, be detail oriented, and hold a high level of autonomy to complete work on time and with quality.
Requirements
- Bachelor's Degree from an accredited university in a Technology or Cybersecurity field OR 4+ years of direct experience in listed areas.
- 3+ years of work experience working with cybersecurity and regulatory compliance.
- Experience in customer service and ability to develop professional relationships with customers.
- Extensive knowledge of compliance, regulatory frameworks, and implementing CMMC, FedRAMP, GovRAMP, TX-RAMP, and other various federal frameworks.
- Strong logical security skills, with experience in cloud security.
- Understanding of cloud environments (AWS, GCP, Azure) and integrating security controls through DevOps and Infrastructure as a Service (IaaS) techniques.
Nice To Haves
- TX-RAMP (preferred)
- Certifications are preferred.
Responsibilities
- Prepare agendas and reference documents for meetings with clients.
- Assist in building and managing cyber security programs for Rhymetec’s customers based on industry standard cyber security compliance frameworks.
- Conduct meetings with clients regularly.
- Configure performance monitoring alarms, security alarms, IDS/IPS in AWS, Azure, GCP, Datadog and other cloud infrastructures.
- Set up supporting security applications.
- Set up mobile device management applications such as Jamf, Jumpcloud, Microsoft Endpoint manager, Hexnode, etc.
- Configure and maintain compliance monitoring platforms.
- Conduct internal audits, risk assessments, and generate reports.
- Conduct Incident Response Tabletop exercises with clients.
- Conduct Business Continuity and Disaster recovery tabletop exercises with clients
- Document and lead incident response process should an incident arise.
- Translate CMMC, FedRAMP, GovRAMP, TX-RAMP (preferred) controls into actionable items for clients.
- Conduct employee access reviews, SaaS vendor security assessments, and gap assessments.
- Triage bug/vulnerability reports from security researchers.
- Complete security questionnaires on behalf of clients.
- Draft supporting documents for clients’ information security management systems and information security policies.
- Gather and maintain evidence of compliance for various frameworks.
- Lead engagements with auditors on behalf of clients.
- Communicate tasks to clients’ employees and educate clients on security best practices.
Benefits
- Employee covered medical premiums (100%)
- Dental and Vision Benefits
- PTO and Sick Time, including 11 paid Holidays
- 401K retirement plans with company match options
- Company paid Life Insurance
- Annual Subscription to TalkSpace (online counseling & therapy service)
- Summer Fridays!
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
