Cyber Security Analyst

Role: Cyber Security Analyst

Location: Remote

About Rhymetec:

Rhymetec was founded in New York City in 2015, growing steadily in the areas of compliance, cybersecurity and data privacy. Our mission is to ensure our clients are compliant faster, so they can focus on their core business and less on the complexities of building effective and compliant infosec programs.

Job Description:

The Cyber Security Analyst (CSA) will be responsible for architecting, developing, and implementing solutions that help Rhymetec's clients achieve, manage and measure security metrics and compliance requirements. The role will work closely with their team to help design and deliver security and compliance objectives and have the ability to help drive foundational changes in internal cloud platforms to enhance their security posture. The ideal candidate will have a team first mentality and fit within the core values and culture at Rhymetec. This person will be responsive to both customers and team members with communications, be detail oriented, and hold a high level of autonomy to complete work on time and with quality.

Responsibilities:

• Prepare agendas and reference documents for meetings with clients.
• Conduct meetings with clients regularly.
• Configure performance monitoring alarms in AWS, Azure, GCP, Datadog and other cloud infrastructures.
• Configure Security alarms and Intrusion Detection Systems in AWS, GCP, Azure
• Set up supporting security applications.
• Set up mobile device management applications such as Jamf, Jumpcloud,
• Microsoft Endpoint manager, Hexnode, etc.
• Configure and maintain compliance monitoring platforms.
• Conduct internal audits, risk assessments, and generate reports.
• Conduct Incident Response Tabletop exercises with clients.
• Conduct Business Continuity and Disaster recovery tabletop exercises with clients
• Document and lead incident response process should an incident arise.
• Translate SOC 2 Type 2, ISO 27001, GDPR, and HIPAA controls into actionable

items for clients.

• Conduct employee access reviews, SaaS vendor security assessments, and Gap assessments.
• Triage bug/vulnerability reports from security researchers.
• Complete security questionnaires on behalf of clients.
• Draft supporting documents for clients’ information security management

systems and information security policies.

• Gather and maintain evidence of compliance for various frameworks.
• Lead engagements with auditors on behalf of clients.
• Communicate tasks to clients’ employees and educate clients on security best practices.
• Troubleshoot issues that may arise within our scope of work.
• Other duties as assigned by the supervisor. Duties listed here are not exhaustive and may change or grow as does the business need for its employees. Quarterly travel may be required.

Qualifications:

• Knowledge of compliance and regulatory frameworks (PCI, ISO/IEC, SOC 2, HIPAA, GDPR)
• Strong logical security skills, with experience in cloud security
• Understanding of cloud environments (AWS, GCP, Azure) and integrating security controls through DevOps and Infrastructure as a Service (IaaS) techniques
• Experience in customer service and ability to develop professional relationships with customers

Must Haves:

• Bachelor's degree or equivalent experience related to the technology or cyber security field
• 2 + years of work experience in technology or cybersecurity.
• Ability to flex and adapt to innovative and changing work demands

Hiring Range: $65,000 - 80,000 annually depending on education and experience.

Rhymetec offers a robust employee package, including:

• Employee covered medical premiums (100%)
• Dental and Vision Benefits
• PTO and Sick Time, including 11 paid Holidays
• 401K retirement option
• Company paid Life Insurance
• Annual Subscription to TalkSpace (online counseling & therapy service)

Rhymetec is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetic, disability, age, or veteran status.