Cyber Security Analyst
Nesco Resource, Uniondale, NY, United States
Seeking a hands‑on Cybersecurity Analyst to design, implement, and operate key components of the Firm’s cybersecurity program. Reporting to the Director of Information Security, you will deploy and maintain controls, investigate alerts, analyze risks, and support incident response to drive continuous improvement of the Firm’s security strategy and ISMS.
Responsibilities
Essential Functions
Assist in the design, implementation, and ongoing monitoring of security systems and controls to protect the Firm’s systems, networks, and data.
Proactively identify and remediate vulnerabilities in hardware, software, applications, and configurations; interpret penetration test and vulnerability assessment results.
Respond to security incidents, coordinate investigations, perform root cause analysis, and report risks and recommendations to the Director of Information Security.
Collaborate with the cybersecurity team and SOC to ensure continuous protection.
Ensure security protocols and processes align with SOC 2 Type II and other compliance requirements.
Administer the cybersecurity awareness training program.
Develop and maintain SOPs and process improvement initiatives aligned to the security roadmap.
Design, deploy, and optimize endpoint management processes using SCCM and Intune, ensuring operating systems and applications remain current.
Automate routine security and administrative tasks using scripting tools; continuously evaluate and improve security technologies and processes.
Qualifications
Education
BS/BA Degree in Cybersecurity / Information Technology or related field
Industry professional certifications are a plus (Security+, SSCP, CISSP)
Experience
Minimum of 2 years of experience in Information Security or a related technology field.
Hands‑on experience with endpoint protection technologies, including anti‑virus and intrusion detection systems.
Experience managing and supporting firewalls (Palo Alto preferred).
Proven experience maintaining secure network, system, and application architectures.
Strong experience with Microsoft 365 administration and security controls.
Working knowledge of vulnerability management platforms (e.g., Tenable, Qualys).
Experience administering email and web security gateways.
Experience with SIEM platforms for log review, monitoring, and security incident detection.
Familiarity with AWS cloud security concepts and controls (preferred).
Skills
Excellent verbal and written communication skills, with the ability to convey security issues to both technical and non-technical audiences.
Demonstrated ability to manage vendor relationships and coordinate deliverables.
Ability to prioritize, respond to, and follow through on multiple requests in a fast‑paced, dynamic environment.
Proven ability to work independently and lead projects through successful completion.
Proficiency in PowerShell scripting for automation and administrative tasks.
Hybrid Hours:
Monday-Friday, 9:00am – 5:00pm
with the flexibility to work overtime when needed
Minimum 3 days a week in office/2 days a week remotely
The annualized salary range for this position is $90,000 to $110,000. Actual pay will be adjusted based on experience and other job-related factors permitted by law.
#J-18808-Ljbffr
Responsibilities
Essential Functions
Assist in the design, implementation, and ongoing monitoring of security systems and controls to protect the Firm’s systems, networks, and data.
Proactively identify and remediate vulnerabilities in hardware, software, applications, and configurations; interpret penetration test and vulnerability assessment results.
Respond to security incidents, coordinate investigations, perform root cause analysis, and report risks and recommendations to the Director of Information Security.
Collaborate with the cybersecurity team and SOC to ensure continuous protection.
Ensure security protocols and processes align with SOC 2 Type II and other compliance requirements.
Administer the cybersecurity awareness training program.
Develop and maintain SOPs and process improvement initiatives aligned to the security roadmap.
Design, deploy, and optimize endpoint management processes using SCCM and Intune, ensuring operating systems and applications remain current.
Automate routine security and administrative tasks using scripting tools; continuously evaluate and improve security technologies and processes.
Qualifications
Education
BS/BA Degree in Cybersecurity / Information Technology or related field
Industry professional certifications are a plus (Security+, SSCP, CISSP)
Experience
Minimum of 2 years of experience in Information Security or a related technology field.
Hands‑on experience with endpoint protection technologies, including anti‑virus and intrusion detection systems.
Experience managing and supporting firewalls (Palo Alto preferred).
Proven experience maintaining secure network, system, and application architectures.
Strong experience with Microsoft 365 administration and security controls.
Working knowledge of vulnerability management platforms (e.g., Tenable, Qualys).
Experience administering email and web security gateways.
Experience with SIEM platforms for log review, monitoring, and security incident detection.
Familiarity with AWS cloud security concepts and controls (preferred).
Skills
Excellent verbal and written communication skills, with the ability to convey security issues to both technical and non-technical audiences.
Demonstrated ability to manage vendor relationships and coordinate deliverables.
Ability to prioritize, respond to, and follow through on multiple requests in a fast‑paced, dynamic environment.
Proven ability to work independently and lead projects through successful completion.
Proficiency in PowerShell scripting for automation and administrative tasks.
Hybrid Hours:
Monday-Friday, 9:00am – 5:00pm
with the flexibility to work overtime when needed
Minimum 3 days a week in office/2 days a week remotely
The annualized salary range for this position is $90,000 to $110,000. Actual pay will be adjusted based on experience and other job-related factors permitted by law.
#J-18808-Ljbffr