Cyber Security Analyst

Title: Cyber Security Analyst

Location: Remote (U.S. New York Preferred)

About Rhymetec:

Rhymetec was founded in New York City in 2015 growing steadily in the areas of compliance cyber security and data privacy. Our mission is to ensure our clients are compliant faster so they can focus on their core business and less on the complexities of building effective and compliant infosec programs.

This role is fully remote.

Job Description: 

The Cyber Security Analyst (CSA) will be responsible for architecting developing and implementing solutions that help Rhymetec's clients achieve manage and measure security metrics and compliance requirements. The role will work closely with their team to help design and deliver security and compliance objectives and have the ability to help drive foundational changes in internal cloud platforms to enhance their security posture.  The ideal candidate will have a team first mentality and fit within the core values and culture at Rhymetec along with project management experience and knowledge with customized compliance road maps for clients. This person will be responsive to both customers and team members with communications be detail oriented and hold a high level of autonomy to complete work on time and with quality.

Responsibilities: 

• Prepare agendas and reference documents for meetings with clients.
• Assist in building and managing cyber security programs for Rhymetec’s customers based on industry standard cyber security compliance frameworks.
• Conduct meetings with clients regularly.
• Configure performance monitoring alarms in AWS Azure GCP Datadog and other cloud infrastructures.
• Configure Security alarms and Intrusion Detection Systems in AWS GCP Azure
• Set up supporting security applications.
• Set up mobile device management applications such as Jamf Jumpcloud Microsoft Endpoint manager Hexnode etc.
•  Configure and maintain compliance monitoring platforms.
• Conduct internal audits risk assessments and generate reports.
• Conduct Incident Response Tabletop exercises with clients.
• Conduct Business Continuity and Disaster recovery tabletop exercises with clients
• Document and lead incident response process should an incident arise.
• Translate SOC 2 Type 2 ISO 27001 CMMC GDPR and HIPAA controls into actionable items for clients.
• Conduct employee access reviews SaaS vendor security assessments and gap assessments.
• Triage bug/vulnerability reports from security researchers.
• Complete security questionnaires on behalf of clients.
• Draft supporting documents for clients’ information security management systems and information security policies.
• Gather and maintain evidence of compliance for various frameworks.
• Lead engagements with auditors on behalf of clients.
• Communicate tasks to clients’ employees and educate clients on security best practices.

Qualifications: 

• Bachelor's Degree from an accredited university in a Technology or Cybersecurity field OR 4+ years of direct experience in listed areas.
•  3+ years of work experience working with technology cybersecurity and regulatory compliance.
• Experience in customer service and ability to develop professional relationships with customers.
• Extensive knowledge of compliance regulatory frameworks and implementing SOC 2 ISO27001 CMMC HIPAA GDPR NIST 800-53 and other compliance frameworks.
• Strong logical security skills with experience in cloud security.
• Understanding of cloud environments (AWS GCP Azure) and integrating security controls through DevOps and Infrastructure as a Service (IaaS) techniques.
• Preferred Certification(s):  Cloud+ CySA+ CISSP CISM.
• Quarterly travel may be required.

Benefits

Rhymetec offers a robust employee package including:

• Employee covered medical premiums (100%)
• Dental and Vision Benefits
• PTO and Sick Time including 11 paid Holidays
• 401K retirement plans with company match options
• Company paid Life Insurance
• Annual Subscription to TalkSpace (online counseling & therapy service)
• Summer Fridays!

Rhymetec is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment regardless of race color religion gender gender identity or expression sexual orientation national origin genetic disability age or veteran status.

What We Do

At Rhymetec our security experts have built and continue to manage over 250 SaaS-based companies' infosec and data privacy programs. We act as an extension of your team and leverage cutting-edge technologies to get customers compliant with frameworks like SOC 2 ISO 27001 HIPAA GDPR/CCPA and more in a much shorter timeframe. While most companies offer services for cybersecurity and data privacy OR consulting—Rhymetec offers both. We consult on developing a more effective infosec program within your unique environment and provide the services needed to achieve improve and maintain a strong security posture. Our mission is to reduce the complexities of cloud security making forward-thinking cybersecurity services more accessible to SaaS-based startups. We're here to help you fast-forward your cybersecurity compliance and data privacy programs. To learn more check out our managed vCISO (Virtual CISO) ISO Internal Audit Penetration Testing PCI Scanning and Phishing Testing & Training Services: Rhymetec.com

Why Work With Us

Rhymetec is a fully remote cybersecurity MSSP helping SaaS companies stay secure and compliant. We’re people-first: high ownership flexible work supportive teammates and continuous learning. Your ideas ship your impact is visible and your growth is backed with mentorship certifications and client outcomes. Join us to shape modern security!

Gallery