Distro Verified
Music Technology, Digital Distribution, SaaS

Information Security Analyst

Stamford, Connecticut, United States | Onsite | Full Time | $124,800–$145,600 /yr | Posted 2 months ago

Role summary

We are seeking an experienced Information Security Analyst to join a municipal cybersecurity program. This role supports executive leadership by strengthening enterprise security, ensuring regulatory compliance, and protecting critical systems. Responsibilities include developing security policies, managing IT risk, conducting assessments, monitoring security events, and maintaining security tools. The ideal candidate will have 8-10 years of experience in information security within regulated environments, with expertise in SIEM, IDS/IPS, firewalls, endpoint tools, vulnerability platforms, and cloud security (AWS, Azure, GovCloud). Knowledge of Zero Trust architecture and NIST CSF 2.0 is also required. This is an onsite, full-time position.

Position Summary

We're seeking a highly experienced Information Security Analyst to support a municipal-level cybersecurity program. This role reports to executive cybersecurity leadership and is responsible for strengthening enterprise security posture, ensuring regulatory compliance, and protecting critical systems and sensitive data.

Key Responsibilities

- Develop and maintain information security policies, standards, and procedures
- Maintain IT risk taxonomy, risk register, and control inventory
- Align security program with NIST, FISMA, FedRAMP, ISO 27001, CIS Controls
- Lead Technology Risk and RCSA processes
- Conduct risk assessments, vulnerability scans, SOC testing, and audits
- Support audits, compliance reviews, POA&M tracking
- Monitor and respond to security events; lead incident containment/remediation
- Maintain SIEM, IDS/IPS, DLP, and endpoint protection tools
- Manage threat intelligence processes
- Advise leadership on cybersecurity risks and trends
- Provide security awareness training and executive-ready communications

Required Deliverables

- IT Risk Taxonomy (NIST RMF aligned)
- Enterprise IT Risk Register
- Risk Assessment Methodologies
- SOC Testing Framework & RCSA Model
- Threat Intelligence Process Documentation
- Compliance & remediation tracking

Minimum Qualifications

- 8–10 years in Information Security, Risk Management, or IT Security Operations
- Experience developing enterprise security programs in regulated environments
- Expertise with: SIEM, IDS/IPS, Firewalls, Endpoint tools, Vulnerability platforms
- Knowledge of Zero Trust architecture
- Understanding of NIST CSF 2.0, NIST RMF, ISO 27001, CIS Controls
- Cloud security experience (AWS, Azure, GovCloud)
- Strong analytical, investigative, and communication skills

Preferred Qualifications

- Experience in municipal, state, or federal environments
- Certifications: CISSP, CISM, CRISC, CEH, GIAC
- Experience with POA&M remediation and compliance reporting

Core Competencies

- Enterprise Risk Management
- Security Governance & Compliance
- SOC & Control Testing
- Incident Response
- Threat Intelligence
- Zero Trust Architecture
- Cross-Functional Collaboration

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.