Senior Security Analyst

Job description

SUMMARY: Mortenson is currently seeking a Senior Security Analyst that will be responsible for managing risks, and ensuring compliance with security regulations, which includes developing & enforcing security frameworks, conducting risk assessments, and creating cybersecurity policies. This role also involves monitoring & reporting on compliance, conducting assessment & auditing, and collaborating with stakeholders to align security practices with business objectives & communicating risk status. RESPONSIBILITIES: - Assess and manage contractual and regulatory obligations in accordance with company policies, industry standards, and regulatory requirements (e.g. SOC 2, ISO 27001, NIST CSF, NIST 800-171, CMMC, etc.). - Manage security standards, policies, and practices on an annual basis to make sure they meet company demands. - Assist the Business in responding to inquiries from customers about Security controls and compliance. - Look for improvement and offer insightful advice and value-added guidance on process and control enhancements. - Conduct comprehensive risk assessments of third-party vendors, partners, and service providers to evaluate security posture, compliance status, a...