Key skills
CybersecurityRegulatory ComplianceSOC 2ISO 27001CMMCHIPAAGDPRNIST 800-53Cloud SecurityAWSGCPAzureDevOpsInfrastructure as a Service (IaaS)Cloud+CySA+CISSPCISMCustomer ServiceDatadogSaaSProject ManagementCollaboration
About this role
Rhymetec is a growing company founded in New York City in 2015, specializing in compliance, cyber security, and data privacy. They are seeking a Cyber Security Analyst who will be responsible for architecting, developing, and implementing solutions to help clients manage security metrics and compliance requirements, while enhancing their security posture through collaboration and project management.
Responsibilities:
- Prepare agendas and reference documents for meetings with clients
- Assist in building and managing cyber security programs for Rhymetec’s customers based on industry standard cyber security compliance frameworks
- Conduct meetings with clients regularly
- Configure performance monitoring alarms in AWS, Azure, GCP, Datadog and other cloud infrastructures
- Configure Security alarms and Intrusion Detection Systems in AWS, GCP, Azure
- Set up supporting security applications
- Set up mobile device management applications such as Jamf, Jumpcloud, Microsoft Endpoint manager, Hexnode, etc
- Configure and maintain compliance monitoring platforms
- Conduct internal audits, risk assessments, and generate reports
- Conduct Incident Response Tabletop exercises with clients
- Conduct Business Continuity and Disaster recovery tabletop exercises with clients
- Document and lead incident response process should an incident arise
- Translate SOC 2 Type 2, ISO 27001, CMMC, GDPR, and HIPAA controls into actionable items for clients
- Conduct employee access reviews, SaaS vendor security assessments, and gap assessments
- Triage bug/vulnerability reports from security researchers
- Complete security questionnaires on behalf of clients
- Draft supporting documents for clients’ information security management systems and information security policies
- Gather and maintain evidence of compliance for various frameworks
- Lead engagements with auditors on behalf of clients
- Communicate tasks to clients’ employees and educate clients on security best practices
Requirements:
- Bachelor's Degree from an accredited university in a Technology or Cybersecurity field OR 4+ years of direct experience in listed areas
- 3+ years of work experience working with technology, cybersecurity, and regulatory compliance
- Experience in customer service and ability to develop professional relationships with customers
- Extensive knowledge of compliance, regulatory frameworks, and implementing SOC 2, ISO27001, CMMC, HIPAA, GDPR, NIST 800-53 and other compliance frameworks
- Strong logical security skills, with experience in cloud security
- Understanding of cloud environments (AWS, GCP, Azure) and integrating security controls through DevOps and Infrastructure as a Service (IaaS) techniques
- Preferred Certification(s): Cloud+, CySA+, CISSP, CISM