CyberDefenses is the national leader in Cybersecurity for election departments. Join our team as we work closely with local leaders to dramatically improve the security posture and controls of each county. If you have a drive to be involved in our national security and protect our democratic process and a strong interest and background in cybersecurity risk assessments and analysis, then we want to talk to you!
Reporting to the Managing Director of the CISO Advisory team, the Election Security Analyst provides security assessment and guidance services for election departments of counties and states. This individual will work directy with client counties to perform deep security assessments and work with counties to continue to improve their environment. We are looking for a team member that is driven to improve the security profile of our clients and has a relentless interest in security and risk analysis.
This role works remotely or out of our Round Rock, TX headquarters and requires approximately 75% travel to client locations.
Candidates will need to pass a Department of Public Safety background check for our work with the State of Texas.
- Conduct assessments of the election departments of client counties, cities and states
- Develop gap analysis to compliance requirements
- Construct client deliverables including reports, briefing presentations and recommendations
- Work with clients to mitigate cybersecurity risks and implement security program functions
- Conduct research to identify appropriate solutions and recommendations
- Participate in the development of incident response exercises and facilitate exercises for clients in table-top or expanded exercise formats
- Work within existing CyberDefenses service delivery frameworks and help to develop service delivery
Preferred Skills and Qualifications:
- Able to communicate expertly through writing, speaking, and presenting to groups and key client stakeholders
- Team player capable of productively contributing to the CyberDefenses mission by supporting fellow teammates and clients in a dynamic growing and changing environment
- Knowledgeable of network and security architecture principles, firewall and IDS/IPS fundamentals, endpoint security systems and other security protective/detective systems
- Experience with IT system and/or network administration
- Knowledgeable of cybersecurity operations and essential security program functions that include event monitoring and SIEM technologies, vulnerability scanning and management, access controls and authentication measures,
- Capable of connecting threat analysis to risk management principles to formulate priorities and provide business level risk decision support
- Capable of working independently, establishing and managing task completion within deadlines that are responsive to client needs
- Knowledgeable of information security frameworks including NIST Cybersecurity Framework, NIST Special Publications (i.e., 800-30, 800-37, 800-53, 800-171), ISO27001/2, as well as regulatory/compliance mandates such as HIPAA, PCI-DSS, GLBA, FFIEC guidelines and others
- Possess or have completed testing for an industry-leading certification including CISSP, CISA, CISM, GIAC or other recognized credential
- Computer Science or related 4-year degree
- 5+ years in the Cybersecurity industry as in operator, developer or risk assessment roles
- 2+ years in an Information Assurance or Cybersecurity Risk Assessment role
- Experience conducting risk assessment work or IT auditing of compliance requirements or framework gap analysis
- Experience and/or knowledge of Election systems
- Experience with penetration testing, application security testing
- Experience quickly learning, independently reaching stretch goals, and continually improving knowledge and capabilities
- Experience taking on complex and difficult problems, formulating a path forward, and executing steps that demonstrate meaningful progress