Senior Security Analyst
Senior Security Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Title: Senior Security Analyst
Location: Hybrid in Los Angeles CA (1 day a week onsite rest is remote)
Duration: Contract
Certification: Any type of cyber security certification but we have to include a copy with the resume.
What we need for submittal: We have to send the resume any copy of Cybersecurity certifications and 3 references (name title company phone email dates they worked together and size of project/project scope)(if you look right below here it tells you what they need for references:
MINIMUM QUALIFICATIONS:
Proposers shall meet each of the minimum qualification requirements at the time of proposal submittal:
Five years of experience performing assessments alignments and policy development with the NIST Cybersecurity Framework (CSF) across all departments systems and third-party interfaces.
Five years of experience with conducting state assessment target profile development Gap analysis and Implementation roadmap with control mappings to various processes. Demonstrated expertise with Framework integration with Enterprise Risk Management (ERM) Identity and Access Management (IAM) and Cloud security controls. Ensure interoperability with compliance (HIPAA COPPA FERPA CIIPA GDPR etc.)
Experience in establishing the Metrics and Continuous Monitoring providing dashboard for dashboards for executive visibility (CISO CIO board) planning regular maturity assessment and establishing metrics for each CSF function and subcategory.
REQUIRED QUALIFICATIONS
Experience in governance and program design
Experience in NIST CSF framework integration
Experience in technology alignment with NIST CSF
Experience in establishing metrics and executive dashboard creation.
Experience with compliance and audit requirements
Experience with understanding larger systems and their dependencies.
Experience with developing governance framework documents SOPs and policies.
SCOPE OF SERVICES
Policy Development
Review existing client cybersecurity policies procedures standards risk assessments and other related compliance documents.
Identify current IT Security policy gaps against NIST CSF 2.0 and assist in developing policies procedures standards and other compliance documents to address those gaps
NIST Alignment
Meet with key stakeholders.
Define scope priorities and resource needs.
Review the 2024 NIST Gap Assessment results.
Revalidate gaps to confirm current state and material changes.
Map all gaps to the appropriate NIST CSF categories and/or NIST 800-53 controls.
Prioritize gaps based on risk regulatory impact and operational dependency.
Develop remediation plans including resource needs timelines and responsible parties.
NIST Assessment
Interview key personnel from IT security compliance and business units.
Validate documentation with observed processes and supporting evidence.
Rate each NIST CSF Category/Subcategory using a maturity model (e.g. 1 5 scale: Partial to Adaptive).
Compare 2025 maturity levels to previous years to identify progress or regression.
Maturity Assessment against NIST CSF 2.0
Create and deliver a comprehensive assessment report including:
o Executive summary
o Maturity scorecard
o Identified gaps and risks
o Remediation recommendations and risk prioritization
Present findings in an executive-level briefing.
PLease share your Updated resume at
.
Employment Type
Full-time
