Cybersecurity Analyst III
Posted on: June 23, 2022
At CoreCivic, our employees are driven by a deep sense of
service, high standards of professionalism and a responsibility to
better the public good. CoreCivic is currently seeking a
Cybersecurity Analyst III located at our corporate office in
Brentwood, TN. Come join a team that is dedicated to making an
impact for the people and communities we serve. Who We Are:
CoreCivic is a diversified government solutions company with the
scale and experience needed to solve tough government challenges in
cost-effective ways. We provide a broad range of solutions to
government partners that serve the public good through high-quality
corrections and detention management, innovative and cost-saving
government real estate solutions, and a growing network of
residential reentry centers to help address America's recidivism
crisis. We are the nation's largest owner of partnership
correctional, detention and residential reentry facilities and have
been a flexible and dependable partner for government for more than
30 years. What We Have:
- More than just a job but the start of
a successful career!
- Supportive environment where employee growth is promoted.
- Comprehensive benefits package & competitive wages.
- PTO & paid holidays.
- Paid job training & other great incentives. What You Get To Do:
The Cybersecurity Analyst III leads the development and maintenance
of the CoreCivic cyber regulatory compliance program to support the
alignment of security architectures, plans, controls, processes,
policies and procedures with security standards and operational
goals. Serves as the technical leader with a high degree of
knowledge in the field and demonstrated expertise in specific
areas. Problem-solves, analyzes unique issues and problems without
precedent or structure. Completes assignments, projects, and tasks
of complex to highly complex scope and complexity.
Leads the validation process to
ensure that Information Security Policy and Standard documents meet
or exceed industry standards, compliance requirements and
customer/client expectations. Maintains the Information Security
Program documentation. Leads initiatives to automate business
processes to improve efficiency, ensuring that systems follow
defined policy guidelines and written policies are integrated into
existing systems were applicable.Collaborates beyond organizational
boundaries and proactively identifies the best strategies to drive
business value. Works in close partnership with senior leadership
to influence the overall direction of information security
compliance. Develops detailed recommendations for mitigating
complex to highly complex findings and process improvement
projects. Consolidates and analyzes the organization's critical
cyber findings, vulnerabilities, and gaps to support and develop
solutions and to provide a cyber-posture/picture. Maintains
findings, vulnerabilities and gaps in a mitigation tracker.
Performs broad in-depth control testing, documents results and
provides detailed updates to stakeholders, including analysis of
vulnerability scans, compliance scans, and performs broad in depth
system tuning based on threat indicators. Makes complex to highly
complex recommendations to enhance security controls and mitigate
risks. Leads the maintenance and enhancement of internal processes
and tools used to respond to external requests related to
information security using GRC tools, MS Office and SharePoint.
Conducts in-depth research on inquiries about information security
using policies, internal tools, and internal Subject Matter Experts
(SMEs) while building and maintaining relationships with technology
and business stakeholders and responding to client and regulatory
requests.Serves as point of contact and leads complex to highly
complex projects with internal and external partners to support
initiatives and program designed to enhance information security.
Manages programs that include formulating strategies and
administering policies, processes, and resources. Serves as a
resource to less experienced staff in the identification or
resolution of complex issues.Domestic U.S. travel may be
- Graduate from an accredited college or university with a
Bachelor's degree in a related field is required. Six years of
related work experience is required. Additional years of related
work experience may be substituted for the education requirement on
a year-for-year basis.
- In-depth knowledge of industry standard regulations and risk
management frameworks and standards (e.g., ISO, PCI, NIST, COBIT,
GAPP, HIPAA, HITRUST) required.
- In-depth knowledge of real-time security situational awareness,
operational network systems, and security monitoring required.
- In-depth experience reviewing and writing enterprise level
security policies for a largescale organization in support of
Federal policies required.
- In-depth knowledge of SIEM and security scanning applications,
Governance Risk and Compliance tools, Microsoft Teams and
SharePoint are preferred.
- Relevant certification in Risk or IT is required. Suggested
certifications for position include, but are not limited to:
Certified Information Systems Security Professional (CISSP);
Certified Information Security Manager (CISM); Certified
Information Systems Auditor (CISA); Certified Cloud Security
Professional (CCSP); or Offensive Security Certified Professional
- In-depth experience with the Authority to Operate (ATO) process
and documentation including SSPs, and POAMs is required.
- Strong written and verbal communication skills are
- Proficiency in Microsoft Office applications is required.
- U.S. citizenship is required.
- A valid driver's license is required. CoreCivic is a Drug-Free
Workplace and EOE - including Disability/Veteran.
Keywords: CoreCivic, Franklin , Cybersecurity Analyst III, Professions , Franklin, Tennessee
Didn't find what you're looking for? Search again!