Cyber Security Analyst #112180
Infrastructure & Support
CentennialCO Direct Hire May 2, 2023


No sponsorship from client at this time

5 days a week onsite


Our client, a Colorado based manufacturing company, is seeking a Cyber Security Analyst to join the team. This role in onsite and direct hire.


The Cyber Security Analyst will perform and sometimes lead cyber security functions on projects and support in Cyber Security on products offered to Customers. This includes Safeguards information system assets by identifying potential cyber security risks, mitigating those risks, putting safeguards into place, getting various certifications for solutions, and solving cyber security problems. Protect commercial systems by reviewing and defining access rights, control structures, and resources.  Performing both proactive and reactive recognition of cyber security potential problems by identifying abnormalities, vulnerabilities, reporting, loggings, and mitigating those risks.  Determines security violations and risks by coordinating and conducting vulnerability tests and documented audits.  Keeping CIO informed of status, generation of reports published on Intranet which will include risks, penetration test results/actions, risks, and other related performance reports.



  • Safeguard commercial software, architecture, and solutions by identifying and solving potential and actual security risks and resolving problems.
  • Software and Application security vulnerabilities 
  • Software and related cloud security deployment and containers
  • Defining and implementing the build, deployment, and monitoring standards
  • Protects systems and information by identifying risks on access privileges, control structures, and identifying resources.
  • Facilitates regular vulnerability tests on commercial offering, working with trusted vendor partners, and acting as backup to lead Cyber SME. 
  • Implements security improvements by assessing current situation, evaluating risks and trends, and anticipating mitigation actions.
  • Determines security violations and inefficiencies by coordinating and conducting periodic audits.
  • Creates and Executes security test simulation attacks targeting users to create security awareness, training, and security practices/programs amongst users.   Generating reports of findings and risk awareness on Intranet.
  • Subject Matter Expert in latest Cyber Security tools, trends, and best practices including SIEM, EDR, Firewalls, and Networking
  • Upgrades system by implementing and maintaining security controls.


Required Skills:

  • Security first mindset
  • Bachelor’s Degree in Computer Science, Information Systems, or related degree + 4 years relevant experience or 12 years relevant experience
  • Advanced certifications a plus (SANS GIAC/GCIA/GCIH, CISSP, EDR, or CASP and/or SIEM-specific training and certification)
  • Understanding of mobile technology and OS (i.e. Android, iOS, Windows), VMware technology, and Unix
  • Demonstrated experience with secure development, coding, software engineering practices
  • Experience with systems reliability, load balancing, monitoring, logging
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, firewalls, common security elements in a global multi-site international environment.
  • Advise, support, educate, and enforce Software Development Cyber Security best practices
  • Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations
  • Experience with vulnerability scanning solutions
  • Proficiency with combinations of the following: EDR, Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security
  • In-depth knowledge of IT architecture, IT engineering, and IT operations of at least one enterprise SIEM platform (e.g. Rapid7, Splunk, Nitro/McAfee Enterprise Security Manager, Crowdstrike, ArcSight, QRadar, LogLogic, Splunk)
  • Able to communicate complex technical information to non-technical audiences