Job Description
Title: Security Analyst (Please note it is a W2 Contract)
Location: Redwood City, CA
Duration: 3 Years
Rate: $50-$55/Hour on W2
Job Responsibilities:
- In this role, you will assist the research community by providing support and guidance on information security matters. You will collaborate with local Stanford IT groups and Stanford Research Computing to help implement and improve security measures that meet NIST 800-171 standards.
- Your main responsibilities will include helping to execute a strategy that prepares the university for an increasing number of security audits and changing regulatory requirements, particularly focusing on the Cybersecurity Maturity Model Certification (CMMC) and NIST 800-171 standards. This will involve helping to assess the university's current security practices and identifying any gaps that could affect compliance. You will assist in implementing best practices and guidelines to strengthen cybersecurity measures and support audit preparations.
- You will also play a key role in developing an awareness and training program aligned with NIST to educate the organization and foster a culture of security awareness and responsibility.
Typical Activities:
- Assist in the preparation and implementation of the NIST readiness project, ensuring alignment with NIST frameworks and guidelines to improve the organization's security posture.
- Collaborate in developing and executing a comprehensive strategy to prepare the university for security audits and regulatory requirements, with a particular focus on the Cybersecurity Maturity Model Certification (CMMC).
- Support the assessment and implementation of security controls in accordance with NIST standards, assisting in identifying gaps and recommending corrective actions.
- Develop and deliver an awareness and training program aligned with NIST to educate the organization.
- Collaborate in the review and update of security policies and procedures to ensure they meet NIST requirements and reflect best practices in cybersecurity.
- Support the monitoring of security controls and risk management practices, regularly evaluating the effectiveness of existing security measures.
- Help prepare and maintain documentation related to security policies, procedures, and compliance efforts, including risk assessments and operational reports.
- Collaborate with cross-functional teams, including IT, Finance, Human Resources, and Legal, to integrate information security into the organization's overall risk management program.
- Keep abreast of industry trends, emerging threats, and evolving regulatory requirements to inform security practices and compliance strategies.
- Perform any other related duties assigned to support the organization's information security program.
Requirements:
Minimum Education & Experience Required:
- You're a well-rounded, critical thinker with a bachelor's degree (or equivalent experience).
- A minimum of three years of experience in information security, risk management, or compliance.
Qualifications:
- Experience in information security, risk management, and compliance.
- Knowledge of industry standards and regulations, particularly NIST & HIPAA.
- Strong analytical and problem-solving skills, with the ability to identify and assess security risks.
- Exposure to security audits, risk assessments, or vulnerability assessments.
- Knowledge of security technologies such as encryption, firewalls, intrusion detection systems, and SIEMs.
- Experience working as part of a team in cybersecurity, information security, assurance or related fields.
- Ability to express complicated, highly technical information in accessible language, with proficiency in English, to a wide variety of audiences with varying degrees of technical savviness.
- Ability to stay up to date with the latest security threats, technologies, and industry regulations.
Bonus Points & Plusses:
- Knowledge of ISO 27001 and PCI DSS.
- Security+ or other professional cybersecurity certifications.
- Proficiency in setting up and managing a learning management system (LMS), including course creation and configuration.
- Prior work in a highly regulated industry or higher education.