Cyber Security Analyst

In support of our client, a large steel manufacturer, ResourceTek is seeking a Cyber Security Analyst to join their team in Reading, PA. This is a 6-month consulting contract opportunity and is fully remote.

 

JOB DETAILS

  • Guides multiple teams with secure enterprise, manufacturing, and cloud app design.
  • Leads cybersecurity technology projects and lifecycle management.
  • Provides security technical assistance for IT projects intended to enable or advance business initiatives.
  • Contributes with Identity and Access Management (IAM) duties including user account access design, password vaulting, SSO/MFA, periodic access review, and encryption key management.
  • Supports secure integration of Cloud and Third-party Applications Assists with cyber-threat monitoring and incident response.
  • Monitors key security intelligence feeds and escalates relevant risks.
  • Performs daily security operations duties including handling service requests from Business and IT teams. 
  • Updates standard operating procedures and as-built documentation. 
  • Routinely publish performance metrics.
  • Leads continuous improvement initiatives using authoritative security frameworks (NIST CSF, ISO2700x, etc.)
  • Advises multiple teams with recurring patch and vulnerability management duties.
  • Facilitates third-party penetration testing (Ethical Hacking) to confirm design and operational effectiveness of security controls Guides employees with security and IT policy (e.g., password complexity, encryption settings, etc.)
  • Routinely publishes Governance, Risk, and Compliance (GRC) guidelines and metrics.
  • Examines design and operational effectiveness of security controls. 
  • Coordinates audit engagements led by Internal Audit, Regulator, or external audit firm.
  • Supports assessment of internal and third-party cybersecurity risk. 
  • Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about the company compliance related to IT and Security.

 

REQUIREMENTS

  • Bachelor of Science degree in computer science or related field or a combination of business-related function experience, education, or related certifications (e.g., ISC2 CISSP) with experience
  • 6 - 10 years of related experience with Access Management, Security Operations, Network Security, Vulnerability Management, Compliance, or Audit Advanced understanding of information technology
  • Advanced knowledge of multiple security domains and common security controls
  • Expert knowledge of 2-3 security domains
  • Familiarity with common hacking techniques (e.g., malware, phishing, etc.) and effective counter measures
  • Adoption of security best practices and industry standards (e.g. NIST, ISO, CIS, COBIT, etc.)
  • Hands-on operation of cybersecurity infrastructure (e.g., Firewalls, Intrusion Detection, AV, PKI, Encryption, etc.) and configuration experience Security Incident Response Handling Malware analysis
  • Support Data and Digital Platform (DDP) and secure cloud framework Improve NIST Cybersecurity Framework (CSF) Capability Maturity Advance Mill Network Isolation and Firewall Review
  • Improve Patching and Vulnerability Management Create Technical Policy, Standards, and Procedures
  • Improve Logical Access Control (MFA/SSO/PW Vaulting) Data Loss Prevention and Tagging Remote Access standardization Security Operations and Incident Response
  • MUST BE US CITIZEN

 

ResourceTek offers a competitive salary and a comprehensive benefits package. Equal Opportunity Employer.