Remote Information Security Specialist at Technology Consulting, Inc.
Lexington, KY
About the Job
TCI has an immediate need for a Remote Information Security Analyst. This is not a C2C opportunity. This is a long-term contract opportunity with probable extensions.
Note: This position requires US Citizenship or Permanent Residence.
SUMMARY
The Information Security Compliance Analyst is a mid-level position that focuses on ensuring compliance with regulatory requirements, mitigating security risks, and fortifying the cybersecurity framework across all locations. The ideal candidate will monitor compliance, investigate security breaches, implement best practices, and collaborate with stakeholders to promote a culture of security awareness.
RESPONSIBILITIES
- Ensure compliance with industry regulations, standards (e.g., FISMA, FedRAMP, ISO 27001, NIST), and internal policies.
- Conduct regular audits, follow-ups, and risk assessments to identify and address compliance gaps.
- Maintain and update documentation on security processes and policies.
- Monitor and analyze activities in a Security Information and Event Management (SIEM) system.
- Respond to security incidents, investigate breaches, and document findings.
- Recommend and implement mitigation strategies for identified vulnerabilities.
- Prepare and deliver reports for senior management on compliance status, findings, and recommendations.
- Assist in maintaining the eGRC tool for continuous monitoring and compliance tracking.
- Remote work available to candidates in Eastern Time Zone.
- Bachelor’s degree in Computer Science, Software Engineering, or a related field (equivalent professional experience may be considered for substitution for the required degree on an exception basis).
- Minimum of 3 years of related experience.
- Strong knowledge of IT security frameworks and regulations.
- Hands-on experience with SIEM tools, network security, and audit processes.
- Familiarity with government information systems and classified environments is a plus.
- Proficient in cybersecurity tools, Microsoft Office Suite, and compliance management systems.
- Strong analytical, documentation, and communication skills.
- Ability to work independently and lead projects to successful completion.
- One or more of the following certifications:
  - Certified Information Systems Security Professional (CISSP)
  - Certified Information Security Manager (CISM)
  - Certified Information Systems Auditor (CISA)
  - Certified Cloud Security Professional (CCSP)
  - Project Management Professional (PMP)
  - Offensive Security Certified Professional (OSCP)
  - Cybersecurity Analyst (CySA+)
  - CompTIA Security+, CASP+, or PenTest+
  - GIAC Security Essentials (GSEC)
  - Systems Security Certified Practitioner (SSCP)