Skip to content

Information Security Analyst

Distro
Stamford, Connecticutonsite$60 - $70Mar 27, 2026·Posted 15 days ago
View Application Page

Domain

CybersecurityInfrastructure

Tech Stack

SIEMIDS/IPSFirewallsEndpoint protectionVulnerability platformsDLPAWSAzureGovCloud

Must-Have Requirements

  • 8-10 years in Information Security, Risk Management, or IT Security Operations
  • Experience developing enterprise security programs in regulated environments
  • Expertise with SIEM, IDS/IPS, Firewalls, Endpoint tools, Vulnerability platforms
  • Knowledge of NIST CSF 2.0, NIST RMF, ISO 27001, CIS Controls
  • Strong analytical, investigative, and communication skills

Nice to Have

  • -Experience in municipal, state, or federal environments
  • -Certifications: CISSP, CISM, CRISC, CEH, GIAC
  • -Experience with POA&M remediation and compliance reporting
  • -Cloud security experience (AWS, Azure, GovCloud)
  • -Understanding of Zero Trust architecture

Description

Position Summary We're seeking a highly experienced Information Security Analyst to support a municipal-level cybersecurity program. This role reports to executive cybersecurity leadership and is responsible for strengthening enterprise security posture, ensuring regulatory compliance, and protecting critical systems and sensitive data. Key Responsibilities Develop and maintain information security policies, standards, and procedures Maintain IT risk taxonomy, risk register, and control inventory Align security program with NIST, FISMA, FedRAMP, ISO 27001, CIS Controls Lead Technology Risk and RCSA processes Conduct risk assessments, vulnerability scans, SOC testing, and audits Support audits, compliance reviews, POA&M tracking Monitor and respond to security events; lead incident containment/remediation Maintain SIEM, IDS/IPS, DLP, and endpoint protection tools Manage threat intelligence processes Advise leadership on cybersecurity risks and trends Provide security awareness training and executive-ready communications Required Deliverables IT Risk Taxonomy (NIST RMF aligned) Enterprise IT Risk Register Risk Assessment Methodologies SOC Testing Framework & RCSA Model Threat Intelligence Process Documentation Compliance & remediation tracking Minimum Qualifications 8–10 years in Information Security, Risk Management, or IT Security Operations Experience developing enterprise security programs in regulated environments Expertise with: SIEM, IDS/IPS, Firewalls, Endpoint tools, Vulnerability platforms Knowledge of Zero Trust architecture Understanding of NIST CSF 2.0, NIST RMF, ISO 27001, CIS Controls Cloud security experience (AWS, Azure, GovCloud) Strong analytical, investigative, and communication skills Preferred Qualifications Experience in municipal, state, or federal environments Certifications: CISSP, CISM, CRISC, CEH, GIAC Experience with POA&M remediation and compliance reporting Core Competencies Enterprise Risk Management Security Governance & Compliance SOC & Control Testing Incident Response Threat Intelligence Zero Trust Architecture Cross-Functional Collaboration

#SolvoHRGlobal

#LI-PROMOTED

#LI-Onsite

Location Context