Key Facts

Remote From:

Connecticut (USA)

Full time

Senior (5-10 years)

English

Hard Skills

Other Skills

•
Governance
•
Non-Verbal Communication
•
Analytical Skills
•
Teamwork
•
Detail Oriented

Roles & Responsibilities

8-10 years of progressive experience in Information Security / Cybersecurity
Demonstrated experience across security governance, risk management, security operations, and incident response
Hands-on experience with SIEM technologies, IDS/IPS, endpoint security tools, vulnerability assessment platforms, and security event analysis
Knowledge of NIST CSF, RMF, and security controls governance; incident response methodologies

Requirements:

Develop, review, and maintain information security policies, standards, and procedures; align governance with NIST CSF 2.0, ISO 27001, and CIS Controls; maintain audit-ready documentation
Conduct enterprise security risk assessments and maintain IT Risk Taxonomy, IT Risk Register, and Control Inventory; support Risk Control Self-Assessments (RCSA) and remediation planning
Monitor security operations and analyze events using SIEM, IDS/IPS, DLP, and endpoint protection; propose detection tuning and incident response improvements
Support compliance activities including SOC testing and audits; ensure alignment with FISMA, NIST RMF, and FedRAMP where applicable; promote cybersecurity awareness across City departments

Navitas Partners, LLC

About Navitas Partners, LLC

Navitas Partners LLC is a diversity led business, headquartered in NJ, as a dynamic IT professional services and workforce solutions company. We believe creating the best solutions in human resource services means always going above and beyond - and people are our most important asset. Our “DNA” invokes core values of knowing, trusting and serving our relationships. The better we know our clients and candidates, the better our relationship, and the better we match the needs and exceed expectations. We want our client’s experience with us to reflect a transparent, professional and driven relationship. At Navitas Partners we strive for Excellence in People, and grow with you to become a true extension of your HR specific business requirements, while remaining sensitive to your price & business needs. Certified Diversity Employer: SBE • WOSB • WBE • MBE • NMSDC NAICS: 541511, 541512, 541513, 541519, 54164, 518210, 811212, 561320 https://form.jotform.com/223145471243247

Company type: SME

Founded: 2018

Company size: 51 - 200

Website LinkedIn See all jobs →

Job description

Position 1: Information Security Analyst
Location: Stamford, Connecticut (Onsite / Hybrid as required)
Engagement Type: Contract / Consulting Assignment
12 Months
Role Overview
We are seeking an experienced Information Security Analyst to support and strengthen the
City's cybersecurity, risk management, and compliance programs. This role will serve as a
key contributor in developing security governance frameworks, conducting risk assessments,
supporting security operations, and ensuring regulatory and standards alignment.
The ideal candidate will bring deep expertise in cybersecurity analysis, risk management,
incident response, and security technologies, along with the ability to collaborate across
technical and non-technical stakeholders.
Key Responsibilities
Security Governance & Policy Management
• Develop, review, and maintain information security policies, standards, and
procedures
• Align governance practices with NIST CSF 2.0, ISO 27001, CIS Controls
• Support development of security control frameworks
• Maintain audit-ready documentation
Risk & Control Management
• Conduct enterprise security risk assessments
• Develop and maintain:
o IT Risk Taxonomy
o IT Risk Register
o Control Inventory
• Support Risk & Control Self-Assessments (RCSA)
• Identify control gaps and recommend remediation strategies
Security Operations & Monitoring
• Support and monitor security tools including:
o SIEM platforms
o IDS/IPS systems
o Data Loss Prevention (DLP)
o Endpoint Protection Solutions
• Analyze security events and alerts
• Recommend detection, tuning, and response improvements
Vulnerability & Threat Management
• Perform vulnerability scans and assessments
• Analyze findings and prioritize remediation
• Support threat intelligence and proactive defense initiatives
Incident Response & Investigation
• Detect, investigate, and respond to cybersecurity incidents
• Support breach analysis and containment activities
• Document root cause analysis and corrective actions
Compliance & Audit Support
• Support SOC testing and security audits
• Ensure alignment with:
o FISMA
o NIST RMF
o FedRAMP (as applicable)
• Prepare compliance artifacts and evidence
Security Awareness & Advisory
• Support cybersecurity awareness initiatives
• Promote best practices across City departments
Required Qualifications
• 8–10 years of progressive experience in Information Security / Cybersecurity
• Demonstrated experience in:
o Security governance
o Risk management
o Security operations
o Incident response
Required Technical Skills
• SIEM technologies
• IDS/IPS systems
• Endpoint security tools
• Vulnerability assessment platforms
• Security event analysis
Required Knowledge Areas
• NIST Cybersecurity Framework (CSF)
• Risk Management Framework (RMF)
• Security controls & governance
• Incident response methodologies
Preferred Qualifications
• Government / municipal cybersecurity experience
• Cloud security exposure (AWS / Azure / GovCloud)
• Experience supporting audits / SOC assessments
• Industry certifications preferred:
o CISSP
o CISM,
o CISA,
o CEH
Core Competencies
• Strong analytical and investigative skills
• Excellent written and verbal communication
• Ability to translate security risks for business stakeholders
• High attention to documentation and compliance detail
• Ability to operate independently and collaboratively

Ready to apply?

APPLY

Share ·