Senior Cybersecurity Analyst

Senior Cybersecurity Analyst

Job Description

Prism is seeking a Senior Cybersecurity Analyst to support a critical enterprise client. This senior-level position emphasizes conducting risk assessments, analyzing security incidents, and maintaining compliance with industry cybersecurity standards. The ideal candidate brings deep technical expertise and the ability to collaborate across IT security, compliance, and infrastructure teams.

This opportunity is ideal for cybersecurity professionals with hands-on experience in NIST-based security control implementation, incident response, and continuous monitoring, especially those Looking to provide strategic support to Information System Security & Privacy Officers (ISSPOs) or similar roles in a high-impact environment.

Responsibilities:

• Conduct detailed Security Impact Analyses (SIAs) for hardware/software changes, security baseline updates, and external/public-facing systems.
• Perform in-depth risk assessments on general support systems and applications; recommend remediation strategies and track resolution.
• Support development and validation of security control implementation statements in alignment with NIST SP 800-53 and organizational policies.
• Analyze and respond to security incidents, assess their impact, and provide recommendations to service owners and change coordinators.
• Identify and document control deficiencies, contributing to Plan of Action & Milestones (POA&M) development and remediation tracking.
• Assist in the development and enforcement of security policies and technical procedures.
• Support Continuous Monitoring by verifying control effectiveness and ensuring changes align with system security plans (SSPs).
• Update key security documentation, including system boundaries, architecture diagrams, and technical narratives following system changes.
• Contribute to Governance, Risk, and Compliance (GRC) activities, such as policy reviews, standards exceptions, and waiver processing.
• Participate in cross-functional collaboration with networking, infrastructure, and cloud teams to ensure secure system configurations.
• Support project management activities, including preparation of status reports, briefings, and planning deliverables.

Qualifications

Requirements:

• Bachelor's degree with 7+ years of cybersecurity experience, or Master's degree with 5+ years.
• At least 3 years of hands-on experience with IT security controls in diverse environments (e.g., Windows, Unix/Linux, Azure).
• Proven knowledge of the NIST Risk Management Framework (RMF), NIST SP 800-53, and broader compliance frameworks.
• Experience analyzing risks and implementing technical controls using NIST and organization-specific guidance.
• Strong understanding of IT infrastructure, including networking, cloud, and enterprise platforms.
• Excellent analytical, technical writing, and verbal communication skills.
• Ability to effectively review, refine, and present security documentation for stakeholder and client submission.

Preferred Qualifications:

• One or more current certifications: CISSP, CISM, or Security+.
• Experience with GRC tools such as CSAM or similar platforms.
• Working knowledge of continuous monitoring strategies and security governance practices in large enterprise environments.
• Familiarity with cloud compliance frameworks and privacy standards.

Background Check:

• All candidates must be eligible to successfully complete and maintain a comprehensive background check.

Hybrid Role:

• This hybrid role requires a minimum of three on-site days per week in Washington, DC.