
This job posting is no longer available


Security & Compliance Analyst

National Coordination Center by Edera L3C
  • US
    Saint Paul, Illinois, United States

About

Security & Compliance Analyst
Edera L3C is a fast‑growing healthcare consultancy that addresses today’s issues and helps create tomorrow’s solutions by connecting the brightest minds in healthcare. Our team of management, technology and creative services consultants works collaboratively with industry experts who bring deep experience and expertise to create transformational business solutions. We believe complex challenges and multi‑faceted opportunities call for multi‑disciplinary approaches, and that’s how we work. We bring industry best practices from the private sector to government and from government to the private sector to transform healthcare. Edera is an L3C (a variation of a limited liability company) that places "purpose before profit": a social enterprise venture. This means we are focused on a socially beneficial mission to transform organizations rather than being driven to maximize income. Profits beyond our business sustainability goals are reinvested into communities or clients.
We are seeking a Security & Compliance Analyst to support the organization’s compliance with CMMC Level 2 requirements. This role focuses on documentation accuracy, monitoring, evidence collection, and ongoing improvement of cybersecurity processes. Remote work options are available.
Employment Details
This position offers flexible engagement options and may be structured as a full‑time, part‑time, contract, or 1099 role depending on candidate availability and project needs. The role is fully remote and carries no supervisory responsibilities. The position reports directly to the Director of Technology.
Compensation will be determined based on experience, employment status, and market analysis.
Responsibilities
Maintain the Compliance Management System (CMS), including evidence, policies, control mappings, and quarterly updates.
Support updates to the System Security Plan (SSP), ensuring descriptions of boundaries, inherited controls, and implementations match actual system configurations.
Update and track POA&M items and maintain Customer Responsibility Matrices (CRMs).
Perform weekly device compliance checks and monthly vulnerability reports; track endpoint remediation activities.
Review Azure AD sign‑in logs, Microsoft Sentinel analytics rules, and Microsoft Defender alerts for accuracy and anomalies.
Maintain audit logging evidence, retention documentation, and quarterly security posture summaries.
Support identity and access management by validating MFA enforcement, privileged account inventories, and least privilege access reviews.
Maintain hardware/software inventories, configuration baselines, and documentation of authorized changes.
Track personnel security requirements including training, policy acknowledgment, CUI/Insider Threat training, and background check evidence.
Support Incident Response Plan updates, incident documentation, and annual tabletop exercise execution.
Conduct vulnerability scans, track remediation timelines, and support quarterly risk assessments.
Validate boundary protections, encryption controls, removable media restrictions, and other system safeguards.
Maintain malware protection settings, monitor federal security advisories, and track flaw remediation timelines.
Prepare evidence packets and maintain readiness for CMMC Level 2 assessments.
Required Knowledge and Skills
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience.
Understanding of CMMC, NIST 800‑171, DFARS, and general cybersecurity principles.
Experience with Microsoft 365 security tools (Azure AD, Microsoft Defender, SIEM/Sentinel).
Strong analytical, documentation, and communication skills.
Ability to work independently in a remote or hybrid environment.
Preferred Qualifications
Security+, SSCP, or similar foundational certifications.
Experience supporting audits, assessments, or cybersecurity governance activities.
All applicants must be U.S. citizens and able to obtain a Public Trust clearance. Edera participates in the E‑Verify program. Edera is a drug‑free workplace.
Equal Opportunity Statement
Edera is an Equal Opportunity and affirmative action employer. Edera prohibits discrimination based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected class. Edera takes affirmative action to employ and advance individuals without regard to those categories.
Desirable (Not Required) Skills/Experience
PMP or SAFe certification.
Prior military or DHA experience.

Language skills

  • English