100% Remote, Independent contractor agreement role for 2+ years
Professional English is a must
Please submit your resume in English
8am - 5pm EST time zone
Paid monthly based on experience
Must live in the Medellin Metro area
The Cybersecurity Analyst will be responsible for ensuring the security and integrity of our on-premises and cloud based infrastructure. You will play a critical role in safeguarding our systems and data from cyber threats, implementing best practices, and ensuring compliance with industry standards and regulations. A large part of this role will be working with various groups within a global company to ensure the company's cybersecurity documentation and policies are in line with the shipping and logistics industry.
\tConduct bi-annual vulnerability assessments and penetration testing to identify and address security weaknesses and potential threats.
\tConduct quarterly reviews of access controls on business critical system accounts and in coordination with system owners ensure users have proper access.
\tConduct tabletop exercises to measure readiness for:
o\tOffboarding of a user account (privileged account or urgent situation)
o\tData recovery
o\tServer recovery
o\tBusiness continuity
\tProcure applicable Security Technical Implementation Guides (STIG) documents and work with DevOps teams to automate the application of STIG CAT 1 controls.
\tStay informed on the latest Zero day exploits, high risk vulnerabilities and trends in cyber security including the best means for detecting and managing an attack.
\tIn coordination with SOC, monitor and analyze security logs, alerts, and events, participate in incident response activities, including investigating and remediating security incidents, and implementing preventive measures.
\tWork with systems engineers to develop, implement and audit the security standards for existing technologies, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools.
\tConduct periodic audits and security assessments of on-premises servers and cloud environments to ensure compliance with internal policies and regulatory requirements.
\tProvide guidance and training to employees on cybersecurity best practices, awareness, and incident response protocols.
\tMonitor and enforce compliance with regulatory requirements, such as GDPR, ISO 27001, and NIST, as applicable to on-premises servers and cloud infrastructure.
\tWork with developers to ensure code scans are performed and high risk items are resolved and tested prior to release.
\tComplete risk survey and customer due diligence reports as required.
Qualifications:
\tBS in Information Technology, Computer Science / Engineering and 5- 10 years of relevant experience. Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable.
\tExperience with securing on-premises servers and virtualization technologies (e.g., VMware, Hyper-V).
\tProficiency in securing cloud platforms (AWS, Azure) and familiarity with cloud security controls and services.
\tProven experience working in cybersecurity roles, with a focus on on-premise servers and cloud environments.
\tDemonstrated experience in vulnerability assessment and penetration testing tools and methodologies.
\tExperience with security incident response, including analyzing and mitigating security incidents.
\tFamiliarity with security and compliance requirements for the shipping and logistics industry.
\tSelf-motivated, detail-oriented, and able to work both independently and as part of a team in a fast-paced environment.
\tStrong writing and collaboration skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders as well as keep cybersecurity documentation up to date and current.
\tAbility to work in an Agile / Scrum environment.