Cybersecurity Analyst (C) & R5088 - Need local to Idaho

Job Title: Cybersecurity Analyst

Duration: Budgeted for 4-month duration only candidates must be aware that they may not be extended beyond the 4-month duration and must be comfortable with accepting this short-term position if selected.

Location: Onsite in Boise w/hybrid schedule Ideally 3 days/week onsite. 2 days/week remote, but client can be flexible with that number of days per week required onsite.

Address: 451 State Street, Boise, ID 83702 Local candidates should be submitted due to onsite requirement and short-term duration.

Client: State of Idaho

Job Summary:

• This Cybersecurity Specialist will be responsible for implementing security best practices, identifying vulnerabilities, and ensuring compliance with legal and regulatory requirements.
• The position requires strong documentation and writing skills as well as the ability to collaborate effectively with IT, cybersecurity, and business stakeholders.

Job Description

• We are looking for a Cybersecurity Analyst to be responsible for implementing security best practices, identifying vulnerabilities, and ensuring compliance with legal and regulatory requirements.
• This position will be full-time and hybrid in Boise, ID.

What You'll Do

• Cybersecurity Risk Assessment & Remediation: Conduct thorough assessments of the organization's current security posture, identifying vulnerabilities and implementing remediation measures to mitigate risks
• Security Architecture & Solution Design: Assist in designing and implementing security controls and systems to protect critical assets, data, and networks
• Incident Response Support: Support incident response efforts by identifying and addressing potential security threats, conducting root cause analysis, and assisting with incident reporting and recovery efforts
• Documentation & Reporting: Create and maintain clear, detailed security documentation, including policies, procedures, and incident reports. Ensure that security measures are clearly documented for internal and external stakeholders
• Collaboration with Stakeholders: Work closely with IT, cybersecurity teams, and business units to ensure alignment of cybersecurity initiatives with organizational goals and regulatory requirements
• Compliance Assurance: Ensure that cybersecurity policies and practices are aligned with applicable legal and regulatory requirements (e.g., GDPR, HIPAA, NIST)
• Training & Awareness: Provide support for developing training materials and conducting awareness sessions on security best practices for various stakeholders across the organization
• Security Monitoring: Assist in configuring and monitoring security tools (e.g., SIEM, IDS/IPS, EDR) to proactively detect and mitigate security threats

What You'll Need

Required:

• Cybersecurity Expertise: A minimum of 4-6 years of hands-on experience in the field of cybersecurity, with a strong understanding of threat detection, vulnerability management, risk assessment, and incident response
• Experience with SIEM tools, IDS/IPS systems, firewalls, endpoint protection, and network security
• Familiarity with data encryption techniques, secure network design, and cloud security principles
• Proven ability to create clear, concise, and detailed documentation, including incident reports, security policies, procedures, and technical designs
• Ability to communicate complex security concepts to both technical and non-technical stakeholders in an understandable and actionable way
• Knowledge of key cybersecurity frameworks and compliance requirements, such as NIST, ISO/IEC 27001, GDPR, and HIPAA
• Experience ensuring security measures meet regulatory and legal standards
• Strong interpersonal and communication skills to effectively collaborate with cross-functional teams (IT, legal, compliance, and business units)
• Ability to work with stakeholders to understand business needs and align security initiatives accordingly
• Experience in identifying and managing cybersecurity risks, as well as responding to and mitigating security incidents
• Ability to support incident response and assist with post-incident analysis and reporting
• 5 years of incident response experience
• 3 years of Firewall, IDS/IPS experience
• 2 years of SIEM experience
• 2 years' experience with Endpoint Detection and Response (EDR), Managed Detection and Response (MDR)
• 2 years of vulnerability management experience
• Security Awareness and Training experience
• 3 years' experience with Compliance and assessment against security frameworks such as NIST 800-53, NIST CSG, CIS Top 18
• Cloud security experience

Preferred:

• Relevant certifications such as CISSP, CISM, CISA, CompTIA Security+, CEH (Certified Ethical Hacker), or similar
• Experience securing cloud environments such as AWS, Azure, or Google Cloud, and using cloud-native security tools
• Project Management Skills: Ability to prioritize tasks, manage deadlines, and work independently or as part of a team to achieve objectives in a timely manner

Physical Demands

• Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state, and local standards
• Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc.
• Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor.