Senior Information Security Analyst

Information Security Analyst

MGT Impact Solutions is seeking a qualified candidate to be an Information Security Analyst for one of its Municipal Government Clients. Successful candidates will be MGT employees contracted to the MGT Client.

The role is a full-time (35 hours per week) position contracted through the end of a 6–12-month engagement with the possibility to extend based on performance and funding availability.

• Support the development and operationalization of the client’s cybersecurity and IT risk management program.
• Develop and maintain information security policies, standards, and procedures aligned with federal and industry frameworks.
• Build and maintain an enterprise IT risk register, risk taxonomy, and control inventory.
• Conduct risk assessments across applications, infrastructure, and enterprise systems.
• Perform SOC testing and assist with SOC audits and compliance reviews.
• Monitor cybersecurity events and support incident response and remediation activities.
• Support the implementation and maintenance of security tools including SIEM, IDS/IPS, DLP, and endpoint protection solutions.
• Assist with POA&M development and remediation tracking for identified security gaps.
• Provide security awareness training and guidance to employees and stakeholders.
• Serve as a cybersecurity risk advisory resource across departments.

• Develop and maintain information security policies, procedures, and standards.
• Establish and maintain IT risk management documentation including risk registers and control inventories.
• Conduct vulnerability scans and targeted risk assessments.
• Monitor and analyze security alerts and incidents across enterprise systems.
• Support incident response activities, including investigation, containment, and remediation.
• Participate in audits, compliance assessments, and documentation development.
• Assist in implementing cybersecurity frameworks and best practices aligned with NIST guidance.
• Collaborate with IT teams and business units to identify and mitigate cybersecurity risks.

• Knowledge of cybersecurity frameworks such as NIST Cybersecurity Framework (CSF), NIST RMF, ISO 27001, and CIS Controls
  .
• Experience with IT risk management, risk assessments, and control frameworks
  .
• Familiarity with SOC testing, compliance assessments, and audit processes
  .
• Hands‑on experience with security tools such as SIEM platforms, IDS/IPS, DLP, endpoint protection, and vulnerability management tools
  .
• Understanding of incident response procedures and vulnerability management practices
  .
• Familiarity with cloud security environments (AWS, Azure, or Gov Cloud) preferred.
• Strong analytical, documentation, and communication skills.
• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent professional experience).
• Relevant certifications such as CISSP, CISM, CISA, CRISC, or Security+ are preferred.

• Minimum 8–10 years of progressive experience in information security, cybersecurity operations, or IT risk management
  .
• Experience implementing or supporting NIST-aligned cybersecurity programs
  .
• Experience conducting risk assessments and vulnerability management activities
  .
• Experience supporting security audits, SOC testing, and compliance initiatives
  .
• Ability to collaborate with cross‑functional teams and communicate security risks effectively.
• Ability to work on‑site with client teams in a government environment
  .
• Background screening may be required.

Hourly wages $70-$95
, based on experience. MGT employee benefits include up to a 5% match for the 401(k) retirement plan and a comprehensive medical/health benefits package.

Apply online with resume and cover letter to the job posting on . Positions will remain open until they are filled. Candidates with questions are encouraged to contact snqvi.

Posted: