Cybersecurity Analyst – IT Operations

About the role

We are seeking a Cybersecurity Analyst focused on IT Operations to protect enterprise systems and sensitive data across a federal‑contract environment in the United States. The analyst will work closely with IT teams, business stakeholders and leadership to implement, monitor and improve security controls, ensuring compliance with federal frameworks and audit readiness.

Key responsibilities

• Implement and continuously improve security controls aligned with NIST SP 800‑171, NIST SP 800‑53 and CMMC requirements.
• Monitor security tools, investigate alerts, perform incident triage and support incident response activities.
• Maintain and secure Windows‑based servers, endpoints and Active Directory, and support Linux systems where required.
• Conduct vulnerability assessments, prioritize remediation, and track corrective actions based on risk and compliance impact.
• Enforce data classification, access controls and protection procedures for Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).
• Collaborate with IT operations and system administrators to strengthen security controls and mitigate operational risks.
• Participate in internal and external audits, gather evidence, validate controls and maintain documentation.
• Develop and maintain security procedures, technical documentation and compliance records.
• Communicate security risks and recommendations to technical and non‑technical audiences and promote cybersecurity awareness.

Required profile

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering or a related field.
• Minimum 7 years of progressive experience in cybersecurity, information security, systems administration, network security or risk management.
• Analytical, detail‑oriented and able to work collaboratively in a fast‑paced environment.

Required skills

• Windows Server and endpoint security.
• Linux system administration.
• Active Directory management.
• Vulnerability assessment and remediation.
• Incident response and security monitoring tools.
• Knowledge of NIST SP 800‑171, NIST SP 800‑53 and CMMC compliance frameworks.