Position Summary/About the role

Position 1: Information Security Analyst
Location: Stamford, Connecticut (Onsite / Hybrid as required)
Engagement Type: Contract / Consulting Assignment
12 Months
Role Overview
We are seeking an experienced Information Security Analyst to support and strengthen the
City's cybersecurity, risk management, and compliance programs. This role will serve as a
key contributor in developing security governance frameworks, conducting risk assessments,
supporting security operations, and ensuring regulatory and standards alignment.
The ideal candidate will bring deep expertise in cybersecurity analysis, risk management,
incident response, and security technologies, along with the ability to collaborate across
technical and non-technical stakeholders.
Key Responsibilities
Security Governance & Policy Management
• Develop, review, and maintain information security policies, standards, and
procedures
• Align governance practices with NIST CSF 2.0, ISO 27001, CIS Controls
• Support development of security control frameworks
• Maintain audit-ready documentation
Risk & Control Management
• Conduct enterprise security risk assessments
• Develop and maintain:
o IT Risk Taxonomy
o IT Risk Register
o Control Inventory
• Support Risk & Control Self-Assessments (RCSA)
• Identify control gaps and recommend remediation strategies
Security Operations & Monitoring
• Support and monitor security tools including:
o SIEM platforms
o IDS/IPS systems
o Data Loss Prevention (DLP)
o Endpoint Protection Solutions
• Analyze security events and alerts
• Recommend detection, tuning, and response improvements
Vulnerability & Threat Management
• Perform vulnerability scans and assessments
• Analyze findings and prioritize remediation
• Support threat intelligence and proactive defense initiatives
Incident Response & Investigation
• Detect, investigate, and respond to cybersecurity incidents
• Support breach analysis and containment activities
• Document root cause analysis and corrective actions
Compliance & Audit Support
• Support SOC testing and security audits
• Ensure alignment with:
o FISMA
o NIST RMF
o FedRAMP (as applicable)
• Prepare compliance artifacts and evidence
Security Awareness & Advisory
• Support cybersecurity awareness initiatives
• Promote best practices across City departments
Required Qualifications
• 8–10 years of progressive experience in Information Security / Cybersecurity
• Demonstrated experience in:
o Security governance
o Risk management
o Security operations
o Incident response
Required Technical Skills
• SIEM technologies
• IDS/IPS systems
• Endpoint security tools
• Vulnerability assessment platforms
• Security event analysis
Required Knowledge Areas
• NIST Cybersecurity Framework (CSF)
• Risk Management Framework (RMF)
• Security controls & governance
• Incident response methodologies
Preferred Qualifications
• Government / municipal cybersecurity experience
• Cloud security exposure (AWS / Azure / GovCloud)
• Experience supporting audits / SOC assessments
• Industry certifications preferred:
o CISSP
o CISM,
o CISA,
o CEH
Core Competencies
• Strong analytical and investigative skills
• Excellent written and verbal communication
• Ability to translate security risks for business stakeholders
• High attention to documentation and compliance detail
• Ability to operate independently and collaboratively

About CVC

Compu-Vision Consulting, Inc. is a leading provider of consulting and workforce solutions across IT, healthcare, engineering, life sciences, and professional services. Since 1998, we have supported organizations nationwide with scalable, cost-effective services that drive innovation and operational excellence. Backed by an experienced professionals and strong industry expertise, Compu-Vision is a trusted partner helping mission-driven organizations navigating complex and evolving needs. Join us and be part of a team dedicated to quality, accountability, and measurable impact across industries.

Equal Opportunity Employer Note

Compu-Vision Consulting, Inc. is an Equal Opportunity/Affirmative Action Employer and does not discriminate based on age, color, disability, ethnicity, marital or family status, national origin, race, religion, sex, sexual orientation, veteran status, or any other characteristic protected by law.