Network Coverage

Information Security Analyst - Compliance

Full-Time in United States - Remote OK - Mid Level - $70k - $100k

Job description

Who we are:

Network Coverage is a best-in-class technology solutions provider specializing in IT managed services, cybersecurity, compliance, cloud enablement, digital transformation and software development for mid-market and enterprise organizations. Our comprehensive technology solutions and operational excellence allow clients to focus on their business with the value of an end-to-end technology partner.

Network Coverage believes in providing purpose to our people and that character, integrity and commitment win out. Technology is our mission, empowering and developing our team is our passion.

Integrity, Humility, Ownership, Urgency, Service.

What the role is:

Information Security Analyst (Tier 1/2)

Network Coverage is seeking talented and experienced Analysts to join our growing Security Team. Candidates will primarily work from home, however occasional dispatch may be required for client-facing meetings, presentations, and consultations and/or training.

2-4 years of experience working in an Information Security capacity is required for this position with demonstrated working knowledge of Information Security and regulatory standards as applicable to common frameworks, requirements, and best practices. The ability to communicate effectively with clients and team members and work efficiently to resolve time sensitive issues is a must.

A Compliance focused Information Security Analyst working with the Network Coverage Security Team will be expected to work within deadlines and will adjust to ever-changing client needs and scenarios within a fast-paced environment.

Level: Mid-Level

Reports To: Compliance Team Lead

Basic Scope and Function:

As a Compliance focused Information Security Analyst at Network Coverage, you will be part of the Security Team and your expertise will be an integral part of our all-encompassing V-CISO deliverable. You be working closely with team members and clients in various locations across the US and overseas and will fulfill the role of subject matter expert, advising upon the on the most effective approach to security, regulatory compliance and continuously developing and helping to implement Network Coverage’s targeted approach. As a Compliance focused Information Security Analyst, you will be responsible for Security Auditing, Readiness Assessment, Policy Writing, Risk Assessment, client onboarding and coordination of implementation treatment resulting from GAP assessment. As a technical solution provider, you will function as the subject matter expert and deliver a highly comprehensive Plan of Action and Milestones and may be expected to report on a scheduled cadence in a client facing capacity, under the guidance of the Chief Information Security Officer.

Due to the nature of the work, you may be required to fulfill on-call duties as part of a night and weekend rotation. Flexible work hours may also be required if requested for client onsite or after-hours support of accounts in differing regions.

Primary/Essential Duties and Key Responsibilities:

  • Interface with client points of contact as required for onboarding/post sales activity and/or recurring check ins and inquiries.
  • Continuously monitor and triage requests flowing through an inbound ticket queue.
  • Participate in the design and execution of risk assessments and security audits.
  • Participate in the management of employee awareness campaigns for both staff and clients, including phishing simulations and awareness training.
  • Perform CMMC Readiness assessment against 110 controls, delivering a comprehensive SSP and POAM with assisted attestation and SPRS reporting.
  • Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, regulatory requirements, improved security processes, and the development of new attacks and threat vectors.
  • Document best practices and user guides using available collaboration tools and workspaces.
  • Develop and maintain both internal and client-facing documentation, policy libraries and delivery metrics for end-to-end client security and compliance.
  • Provide timely, detailed, and complete reports on vulnerabilities, security events and incidents in a client facing setting.
  • Triage internal security and permissions requests from staff, including but not limited to systems access and employee terminations.
  • Oversee upkeep of internal SOP, ensuring adjustments to protocol are made as tools and methods evolve.
  • Perform QA workflow as necessary to improve upon consistency of product and client experience.
  • Coordinate resources and/or route audit requests appropriately for high volume or regulated client points of contact.
  • Ability to manage a changing and evolving workload and function as decision-maker where needed.
  • Provide after-business hours support if requested and as applicable to geographically distributed client base.
  • Perform other duties and tasks as assigned.

Knowledge, Skills and Abilities (KSAs) Required:

  • Strong problem-solving and analytical skills.
  • Excellent customer service skills, including understanding how to de-escalate, how to soothe and how to deliver the most efficient solution.
  • Strong communication skills, both verbal and written.
  • Familiarity with regulatory frameworks such as NIST/CMMC, ISO 27001, HIPAA/Hitech are a big plus.
  • Strong organizational, operational, and inter-personal skills
  • Strong familiarity with Windows desktop and server operating systems.
  • Strong familiarity with Microsoft Office 365 and Azure Active Directory support and implementation.
  • Strong understanding of networking concepts, familiarity with routers, firewalls, access points, IDS/IPS and VPN.
  • Familiarity with Email threat protection tools and concepts.
  • Familiarity with RMM and asset management tools are a big plus.
  • Understanding of tools and processes used in security monitoring and incident response
  • Experience with Endpoint Detection & Response (EDR) tools
  • Ability to understand vulnerabilities at a technical level and capable of recommending and effectively communicating mitigation strategy
  • Ability to communicate and write in English professionally
  • Reliable personal transportation for use in traveling to clients' offices is essential.

Minimum Experience and Education Required:

  • 2-4 years of experience working in an Information Security capacity.
  • No College Education Required.
  • CompTIA Security+ or similar.
  • High School Diploma or Accredited GED.
  • CMMC RP/RPA will be considered preferentially.

Supervisory/Managerial Experience and Responsibility:

  • No supervisory or managerial experience required.
  • No supervisory or managerial duties in this role.

Work Environment:

Work is primarily performed in a remote capacity and will require use of video conferencing software along with a company issued webcam. Work involves operation of computer equipment for 8 hours or more daily.

Network Coverage remote team members must ensure the availability of a stable, reliable, and secure internet connection with adequate bandwidth to support video calls as needed throughout the course of their shift and while performing on-call duties.

Physical Requirements:

  • Sitting
  • Standing
  • Moving of self
  • Moving of equipment
  • Communicating
  • Visual acuity for driving and computer work
  • Kneeling
  • Crawling
  • Reaching
  • Stooping
  • Lifting
  • Pulling

Job Type: Full-time