Job Description

A major financial client of ours has a need for an Cyber Security Analyst. This position is a long-term contract located in Midtown Manhattan. This is a Hybrid role, 3 days in the office.  

Only accepting W2 candidates, NO C2C, NO 1099.

The Cyber Security Analyst role is responsible for DevSecOps, Application Security, SDLC, IAM administration, incident response, security tools and engineering, conduct risk assessments and information security project management efforts. The ideal candidate will possess a deep understanding of cybersecurity best practices, possess strong technology and analytic skills, and can collaborate across departments to ensure the protection of our digital assets.

Job Duties and Responsibilities

• DevSecOps/DevOps Application Security on SDLC CI/CD
• Oversee user account administration, including permissions, access controls, and the user identity lifecycle (onboarding, offboarding, and account modifications).
• Design and implement a comprehensive Identity and Access Management (IAM) program, including relevant policies and procedures.
• Monitor activity logs to detect and respond to security incidents effectively.
• Conduct user access re-certification and manage user access to sensitive systems and data.
• Collaborate with various departments to ensure secure access to systems and data while resolving issues and troubleshooting technical IAM problems.
• Coordinate incident response efforts, ensuring timely detection, investigation, and resolution of security incidents while maintaining incident response plans.
• Evaluate and recommend security solutions to address evolving threats and collaborate with security teams to integrate threat intelligence into processes.
• Assess third-party vendors for security practices, ensuring vendor contracts include appropriate security requirements and compliance measures.
• Provide guidance and mentorship to the IT team, promoting continuous improvement and staying updated on industry trends and regulatory requirements.
• Develop training materials and conduct training sessions related to IT Security to enhance awareness and compliance among employees

Qualifications

• Minimum of 3 years of experience in IAM or IT security or a related field.
• Comprehensive understanding of IAM concepts, including Single Sign-On (SSO), role-based access control, identity federation, and Multi-Factor Authentication (MFA).
• Proficiency in identity and access management tools.
• Strong technical and analytical skills with experience in identity and access management solutions.
• Strong understanding of information security principles and frameworks.
• Proven experience with risk assessment tools and methodologies.
• Knowledge of relevant cyber security standards and frameworks (e.g., NIST, FFIEC, ISO/IEC 27001, CIS, etc.).
• Familiar with relevant regulations (e.g., FFIEC, NYSDFS, GDPR, DORA, etc.)
• Knowledge in using cyber security tools and platforms (e.g., SIEM, IAM, PAM, GRC, EDR, IPS/IDS, etc.).
• Excellent analytical and problem-solving abilities.
• Strong communication and presentation skills, with the ability to convey complex concepts to various audiences.
• Relevant certifications such as CRISC, CISM, or CISSP are highly preferred.

Education

• Bachelor's degree in information systems, Information Security, or a related field.

Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.

Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Job Tags

Long term contract, Work at office, Local area,

Similar Jobs