Security Analyst (On-Site)

As a Security Analyst you will utilize your skill and knowledge set to protect the organization's environments from internal and external threats while maintaining confidentiality, integrity, and accessibility of the privileged data. By leveraging your abilities to identify threats posed through emerging vulnerabilities, misconfigurations, and social engineering you will lower the amount of risk facing the organization and our customers.

Neumo is seeking a Security & Vulnerability Analyst to play a key role in strengthening and maintaining the organization's overall security posture. This position is ideal for a hands-on professional with experience in incident response, vulnerability management, and security analysis who thrives in a collaborative, cross-functional environment.

In this role, you will be responsible for monitoring and responding to security events, conducting in-depth analysis of potential threats, and identifying vulnerabilities across systems, applications, and infrastructures.

For positions in Solano County, CA: Please note that this position requires passing a California Law Enforcement Telecommunications (CLETS) background check, and authorization to work in the United Stats (see below for specifics):

https://www.fbi.gov/services/cjis, * Monitor and analyze security alerts and events from SIEM, EDR, and other security tools to identify potential threats

• Investigate and respond to security incidents, including containment, eradication, and recovery actions
• Perform root cause analysis and document incidents with detailed findings and recommendations
• Conduct regular vulnerability scans across systems, applications, and networks using approved tools
• Analyze vulnerability scan results, prioritize risks based on severity and business impact, and track remediation efforts
• Partner with system owners and engineering teams to ensure timely patching and mitigation of identified vulnerabilities
• Drive end-to-end vulnerability remediation efforts, including validation of fixes and closure of findings
• Maintain accurate reporting and metrics on vulnerabilities, remediation status, and overall risk posture
• Perform proactive threat hunting and identify gaps in detection capabilities
• Perform other duties as assigned

Do you have experience in Vuls?, Do you have a Bachelor's degree?, * Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field is preferred. Equivalent combination of education, training, and relevant work experience may be considered in lieu of a degree.

• 2-4 years of experience in cybersecurity, information security, or IT operations, with direct experience in at least one of the following areas:

• Security Operations Center (SOC) monitoring and incident response
• Vulnerability management and remediation
• Security analysis, threat detection, or risk assessment

Knowledge, Skills and Abilities:

• Strong understanding of cybersecurity principles, including defense-in-depth, least privilege, and risk-based security management
• Experience with Security Information and Event Management (SIEM) platforms for monitoring, alerting, and incident investigation (e.g. Microsoft Sentinel)
• Hands-on experience with Endpoint Detection and Response (EDR) tools for threat detection, containment, and response(Microsoft Defender foe Endpoint)
• Proficiency in vulnerability management tools (e.g., Tenable)
• Vulnerability scanning and configuration
• Solid understanding of incident response lifecycle, including detection, analysis, containment, eradication, and recovery
• Knowledge of networking fundamentals, including TCP/IP, DNS, firewalls, VPNs, and common attack vectors
• Familiarity with operating systems:
• Experience analyzing and interpreting security logs, system logs, and threat intelligence feeds
• Understanding of cloud security concepts in environments such as Microsoft Azure, AWS, or hybrid infrastructure
• Ability to apply cybersecurity frameworks and standards, including NIST Cybersecurity Framework and ISO/IEC 27001
• Strong skills in risk analysis and prioritization, translating technical vulnerabilities into business impact
• Basic scripting or automation knowledge (e.g., PowerShell, Python, or Bash) is a plus for improving efficiency and reporting.
• Hands on experience with Azure Identity

Work Environment:

• Office setting with a moderate noise level.
• The employee will work at an individual workstation, using a telephone and computer.

Physical Demands:

• Must be able to remain seated for extended periods.
• Regular use of a computer and other office machinery, such as printers and copy machines.
• Occasional movement around the office.
• Frequent communication via telephone.

Neumo offers a competitive benefits and compensation package and are looking for team members who will thrive in our dynamic environment.

With the backing of four decades of public sector expertise and corporate capability, Neumo has successfully supported government services. Neumo was honored and recognized for four (4) consecutive years as a GovTech 100 Company representing the top 100 companies focused on making a difference in and selling to state and local government agencies across the United States. Neumo is committed to helping communities thrive and brings a wealth of experience combined with innovation. Today, Neumo offers more administrative and financial support to government officials than any other organization. And with a responsive, client-focused approach, we foster partnerships that give our customers the certainty they need to accomplish more.