Cybersecurity & Physical Security Analyst Contractor

Cybersecurity & Physical Security Analyst Contractor

This is a Full-Time (On-Site) Position in San Jose, CA supporting a Water Utility/ Water Treatment & Distribution Company.

Number of Available Positions: 1

Contract Term: 3 Months (With Possible Extensions)

Working Hours: (Full-Time) 8 AM – 4:30 PM

Salary Target: $90K-$120K/YR (Salary is flexible based on the relevant professional experience and background related to the position)

Requirements: ship or Work Authorization Status; 3-7 years of professional experience pertaining to cybersecurity & security operations; Strong professional experience with Windows 11 Administration, upgrades, and remediation; Understanding of Zero Trust Principles; Experience analyzing VPN Access & Logs; Experience with Administration of Physical Security Access Control (Badging) and CCTV Systems

Job Description:

Role Overview

We are seeking a mid‑level Cybersecurity & Physical Security Analyst to provide short‑term staff augmentation support for several high‑priority security initiatives. This role is hands‑on and execution‑focused, supporting both cybersecurity and physical security operations, including:

• Windows 11 end‑of‑life remediation and upgrades
• Zero Trust security initiatives
• Data protection and access control projects
• VPN access review and least‑privilege enforcement
• Administration support for physical access control (badge) and CCTV systems

The ideal candidate is experienced enough to work independently on well‑defined tasks but does not function as a senior architect or policy owner. This role is intended to accelerate delivery within a defined three‑month timeframe, but can be extended for the right candidate.

Key Responsibilities

Windows 11 Upgrade & Compliance

• Identify Windows 11 systems that are approaching or at the end‑of‑life.
• Assess endpoint compliance against internal security and configuration standards.
• Drive and execute the remediation and upgrades to supported, compliant Windows 11 versions.
• Coordinate upgrade activities with end users, security, and the IT support teams.
• Validate endpoint security tools and controls post‑upgrade.
• Track progress to ensure remediation is completed within the three‑month timeline.

VPN Access Review & Least‑Privilege Enforcement

• Review and analyze VPN access logs to understand usage patterns and access needs.
• Identify users who require VPN access versus those who can be removed or restricted.
• Work with cybersecurity, IT, and business stakeholders to determine appropriate VPN group membership.
• Support restructuring of overly broad VPN groups to enforce least‑privilege access.
• Assist with the implementation and validation of VPN group changes.
• Document findings, recommendations, and changes made.

Data Protection & Access Controls

• Support data protection projects using the company’s existing data protection tools.
• Review and analyze file and folder permissions in on‑premises and/or cloud environments.
• Work with business departments to understand data access and protection requirements.
• Collaborate with system administrators to translate business needs into technical controls.
• Execute and validate access control changes within approved tooling.
• Assist with remediation of overly‑permissive or misconfigured access.
• Document requirements, actions taken, and outcomes for audit and governance purposes.
• Ensure implementations align with least‑privilege and Zero Trust principles.

Physical Security Systems Administration (Badge & CCTV)

• Provide administration support for physical access control (badge) systems.
• Assist with user provisioning, de‑provisioning, and periodic access reviews.
• Support administration of CCTV / video surveillance systems, including user access management.
• Work with the physical security team to support the rollout and expansion of the physical security program.
• Assist with access audits, documentation, and operational support related to physical security systems.
• Ensure physical access controls align with least‑privilege and internal security standards.
• Coordinate changes with IT and physical security stakeholders to avoid operational disruption.

Required Qualifications

• 3–7 years of hands‑on cybersecurity or security operations experience.
• Strong experience with Windows 11 administration, upgrades, and remediation.
• Working knowledge of endpoint security, OS hardening, and compliance.
• Practical understanding of Zero Trust principles.
• Experience reviewing and managing file and folder permissions.
• Experience analyzing VPN access and logs to rationalize user access.
• Experience administering or supporting physical access control (badge) and CCTV systems.
• Ability to work across cybersecurity, IT, and physical security teams.
• Strong documentation and communication skills.
• Ability to work independently on defined tasks with minimal supervision.

Preferred Qualifications

• Experience supporting large‑scale OS upgrade or remediation efforts.
• Familiarity with enterprise data protection or access governance tooling.
• Experience working in regulated or critical‑infrastructure environments.
• Experience managing badge access control and video surveillance systems.