Senior Cyber Security Analyst

Join the Trinnex Security Team as a Senior Cyber Security Analyst, where you will operate at the intersection of cybersecurity and DevSecOps to protect critical software systems that support water utilities and infrastructure. In this role, you'll focus on securing the software development lifecycle-embedding security controls, identifying vulnerabilities, and ensuring that applications deployed in water environments are resilient against evolving threats.

You will work closely with engineering and development teams to safeguard systems that communities depend on, applying advanced threat detection, vulnerability management, and secure development practices. This position offers the opportunity to directly impact the reliability and security of essential services while driving modern DevSecOps practices and strengthening the organization's overall security posture.

• Conduct advanced security monitoring, analyzing complex alerts and traffic anomalies; develop custom monitoring rules to detect emerging threats.

• Lead response efforts for complex incidents (e.g., APTs, data breaches), including forensic analysis and root cause determination.

• Design and execute vulnerability assessments, penetration tests, and simulated attack scenarios across infrastructure and applications.

• Partner with IT and software development teams to remediate vulnerabilities and strengthen secure coding practices within the SDLC.

• Perform detailed reviews of security controls and compliance with regulatory and security frameworks; lead remediation efforts.

• Research advanced threat actors and develop forward-looking threat intelligence and defense strategies.

• Mentor junior analysts and contribute to team capability development.

• Support development and execution of enterprise security strategies aligned with business objectives., CDM Smith Inc. and its divisions and subsidiaries (hereafter collectively referred to as "CDM Smith") reserves the right to require background checks including criminal, employment, education, licensure, etc. as well as credit and motor vehicle when applicable for certain positions. In addition, CDM Smith may conduct drug testing for designated positions. Background checks are conducted after an offer of employment has been made in the United States. The timing of when background checks will be conducted on candidates for positions outside the United States will vary based on country statutory law but in no case, will the background check precede an interview. CDM Smith will conduct interviews of qualified individuals prior to requesting a criminal background check, and no job application submitted prior to such interview shall inquire into an applicant's criminal history. If this position is subject to a background check for any convictions related to its responsibilities and requirements, employment will be contingent upon successful completion of a background investigation including criminal history. Criminal history will not automatically disqualify a candidate. In addition, during employment individuals may be required by CDM Smith or a CDM Smith client to successfully complete additional background checks, including motor vehicle record as well as drug testing.

• Bachelor's Degree

• 6 years of relevant cybersecurity experience

Equivalent additional directly related experience will be considered in lieu of a college degree.

Domestic and/or international travel may be required. The frequency of travel is contingent on specific duties, responsibilities, and the essential functions of the position, which may vary depending on workload and project demands.

Preferred Qualifications

• Hands-on experience with Mend for software composition analysis (SCA), open-source risk management, and vulnerability remediation.

• Experience working within Google Cloud Platform (GCP), including securing cloud-native applications, infrastructure, and CI/CD pipelines.

Skills & Abilities

• Strong analytical, problem-solving, and critical-thinking skills.

• Proven ability to communicate complex technical concepts to non-technical stakeholders.

• Deep understanding of security frameworks, incident response processes, and regulatory environments.

• Demonstrated ability to work independently and cross-functionally in a dynamic environment.

• Strong collaboration skills with both infrastructure and software engineering teams.

• Passion for innovation and continuous improvement in cybersecurity practices.

If you are passionate about water and technology, Trinnex is the place for you! Trinnex is a visionary company that is transforming the way water resources are managed and protected. By combining cutting-edge digital technologies, such as sensor/IoT data, models, geospatial data, and AI/machine learning, we create innovative, smart, and scalable solutions that make a difference. Whether it's optimizing water supply and demand, detecting leaks and anomalies, or enhancing water quality and resilience, Trinnex delivers value and impact to public sector clients across the country.