PCI Federal · 6 days ago
Corporate IT Senior Cybersecurity Analyst
PCI Federal is focused on cybersecurity solutions, and they are seeking a Senior Cybersecurity Specialist to lead day-to-day cybersecurity operations and compliance activities. This role involves designing and implementing security controls, monitoring threats, and serving as a technical advisor to ensure secure operations.
Customer Service, Government, Information Services
Responsibilities
Monitor security tools, including Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), and vulnerability management platforms
Investigate security tool alerts to determine scope, impact, and remediation activities
Lead incident response activities, including triage, containment, eradication, recovery, and after-action reporting
Develop and refine playbooks, escalation paths, and detection use-cases for common threats such as phishing, ransomware, insider risk, and misconfigurations
Implement and maintain security controls across endpoints, servers, cloud services, and network infrastructure
Perform security hardening and configuration validation using industry standards like Center for Internet Security (CIS) benchmarks, Security Technical Implementation Guides (STIGs), and secure baselines
Collaborate with IT to enhance logging, network segmentation, and improve identity security utilizing multi-factor authentication, least privilege principles, and privileged access management
Support or lead compliance efforts aligned to NIST SP 800-171, CMMC Level 2, and related federal requirements
Conduct security control assessments, document evidence, Plan of Action & Milestones (POA&M) processes, and track remediation to completion
Maintain cybersecurity documentation to include System Security Plan (SSP) support, policies/standards, procedures, risk register inputs, and audit artifacts
Run vulnerability scans, validate findings, prioritize risk-based remediation, and verify patch effectiveness
Coordinate patching and mitigation timelines with system owners, programs, and vendors
Lead penetration testing and tabletop exercises
Provide security guidance to engineering, operations, and program teams, including secure configurations, secure collaboration, and data handling
Support security awareness initiatives and targeted training for high-risk roles
Contribute to proposals, system security planning, and customer deliverables as needed. This may include, but is not limited to, technical narratives, compliance responses, and security architecture input
Participate in internal and customer meetings to translate risk into actionable decisions
Serve as the escalation point for complex cybersecurity issues, ensuring minimal downtime and rapid incident resolution
Monitor network performance, conduct capacity planning, and implement improvements for scalability and reliability
Develop and maintain detailed technical documentation, diagrams, and standard operating procedures
Partner with companies, systems, and application teams to ensure seamless IT operations and integrations
Manage large-scale projects in a timely manner
Qualifications
Required
Bachelor's degree in Cybersecurity, Information Technology, or related field. Four years of (or equivalent experience will be accepted in lieu of a degree)
7+ years of progressive cybersecurity experience in operations, engineering and/or compliance
Strong knowledge of cybersecurity protocols, processes, procedures, etc.
Hands-on experience with cloud networking in AWS, Azure, or GCP
Familiarity with Software-Defined Wide Area Networking (SD-WAN), Virtual Private Networks (VPNs), Network Access Control (NAC), and wireless networking
Proficiency with network monitoring tools such as SolarWinds, PRTG, and Nagios
Strong analytical and problem-solving skills, effective communication, leadership abilities, and a collaborative mindset
Practical experience with security controls, incident handling, and enterprise IT environments
Working knowledge of security frameworks and requirements, including NIST 800-53/171, CMMC, ISO 27001
Ability to produce and maintain security documentation, including policies, procedures, evidence collection, and audit support
Strong written and verbal communication skills; able to brief both technical and non-technical stakeholders
Preferred
Experience supporting DoD / federal contracting environments
Familiarity with the Microsoft 365 security stack, including Defender, Sentinel, Entra ID, and other SIEM/EDR tools
Experience with Azure/AWS cloud security concepts to include logging, Identity and Access Management (IAM), and security posture management
Understanding of secure network design principles such as firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), segmentation, and VPN technologies
Experience with SSP and POA&M processes and assessment readiness activities
Company
PCI Federal
Ecke Holding Company LLC, doing business as Poarch Creek Indians Federal (PCIF), was formed under the Poarch Band of Creek Indians Tribe to provide high quality products and services to Federal customers.