Enterprise Security Analyst II protecting data integrity and implementing security policies at Pekin Insurance. Involves risk assessments and compliance activities in a hybrid work environment.
About the role
- Cybersecurity Analyst leading CMMC compliance efforts for GM Defense and U.S. Government programs. Collaborating with multiple teams to ensure adherence to cybersecurity standards.
Responsibilities
- Drive the overall governance for government programs.
- Execute annual self-assessments (Continuous Monitoring) on CMMC/NIST controls and document findings.
- Coordinate internal teams (IAM, cloud, infrastructure, SOC, endpoint, vulnerability management, application owners) to validate control implementation and operational effectiveness.
- Identify compliance gaps, manage security exceptions (POA&Ms), and drive remediation prior to audit or customer assessments.
- Lead CMMC readiness and sustainment activities for GM Defense programs, aligned to NIST SP 800‑171 and DoD expectations for CUI protection.
- Build and maintain assessment‑ready evidence packages (policies, procedures, configurations, logs, tickets, reports) aligned to CMMC and DFARS requirements.
Requirements
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent practical experience.
- 5+ years of cybersecurity experience in regulated or government‑contract environments.
- Experience supporting federally regulated cybersecurity requirements.
- Experience preparing for third‑party or government assessments.
- Ability to translate and communicate DoD cybersecurity requirements for application teams.
- Knowledge in the following areas: Identity & Access Management (IAM): RBAC, least privilege, privileged access workflows, MFA, service accounts, access reviews, joiner/mover/leaver processes.
- Windows & Linux security: GPO/Intune or equivalent, local admin controls, secure baselines (e.g., CIS-aligned), logging configuration, patch management, hardening validation.
- Network security: segmentation concepts, firewall rulesets, VPN/ZTNA, secure remote administration, network device logging, NAC fundamentals, DNS security basics.
- Endpoint security: EDR capabilities, alert triage/validation, policy enforcement, device encryption, removable media controls.
- Vulnerability management: scan coverage, risk-based prioritization, remediation workflows, exception handling, validation reporting.
- SIEM/logging: ability to define log requirements, validate ingestion/retention, produce audit-ready log evidence, and explain detections and response workflows.
- Practical experience with the following: Working knowledge of FAR and DFARS cybersecurity clauses, including contractor responsibilities for safeguarding CUI and incident reporting.
- Understanding of government system authorization concepts, shared responsibility models, and secure enclave design.
- Experience supporting cybersecurity requirements within defense programs, manufacturing, engineering, or supply‑chain environments.
- Experience with secure enclave design, CUI boundary segmentation, or regulated environments in automotive/manufacturing/supply chain contexts.
Benefits
- From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cybersecurity Analyst role at Fidelity Investments, assisting with client security inquiries and managing cybersecurity program communications. Requires a bachelor’s degree and relevant experience.
External Footprint Security Analyst safeguarding public - facing digital assets with expert cybersecurity skills at HID Global. Design and implement proactive strategies for identifying and mitigating vulnerabilities across multiple locations.
Sr. Information Security Analyst managing information security strategy and execution at Otter Products in Fort Collins, CO. Leading initiatives for enterprise security programs and incident response.
Technical reference in Application & API Security for Vivo Vita. Managing Akamai platform and incident response in a collaborative work environment.
Entry level Information Security Analyst working on assignments to monitor systems for unusual activity. Contributing to technology supporting the mission of the Church.
Security Analyst supporting delivery of managed security services for higher education clients at Asiera. Responsibilities include incident management, threat hunting, and collaboration with multiple teams.
Senior Cybersecurity Analyst designing and improving information security processes at Localiza&Co. Collaborating with various teams to ensure governance and data safety.
Associate Cybersecurity Analyst executing the Cybersecurity Program at GM Financial, managing risks and ensuring security for company assets.
Level 1 Cyber Security Analyst analyzing and escalating cyber - security alerts in log aggregation tools. Engaging in incident follow - up and basic automation in a supportive team environment.