Cybersecurity Analyst

100% Remote, Independent contractor agreement role for 2+ years

Professional English is a must

Please submit your resume in English

8am - 5pm EST time zone (subject to change)

Paid monthly based on experience

Must live in the Medellin Metro Area

Be a part of EFL Global!

EFL Global, is a leading global supply chain solutions provider headquartered in Sri Lanka and backed by a global network across 70+ offices in 33 countries throughout Asia, Africa, Middle East and USA. While offering an extensive range of supply chain solutions including freight, 3PL and inland transportation, EFL embraces an innovative approach to logistics by using digital technologies to create new age business processes and customer experiences.

As a progressive organization that continues to expand via digital transformation, we are looking for dynamic individuals who strive to pursue a career at EFL within a rapidly growing business environment.

Purpose of the Job/Duties & Responsibilities:

The Cybersecurity Analyst will be responsible for ensuring the security and integrity of our on-premises and cloud based infrastructure. You will play a critical role in safeguarding our systems and data from cyber threats, implementing best practices, and ensuring compliance with industry standards and regulations. A large part of this role will be working with various groups within a global company to ensure the company's cybersecurity documentation and policies are in line with the shipping and logistics industry.

• Conduct bi-annual vulnerability assessments and penetration testing to identify and address security weaknesses and potential threats.
• Conduct quarterly reviews of access controls on business critical system accounts and in coordination with system owners ensure users have proper access.
• Conduct tabletop exercises to measure readiness for:
• Offboarding of a user account (privileged account or urgent situation)
• Data recovery
• Server recovery
• Business continuity
• Procure applicable Security Technical Implementation Guides (STIG) documents and work with DevOps teams to automate the application of STIG CAT 1 controls.
• Stay informed on the latest Zero-day exploits, high-risk vulnerabilities, and trends in cybersecurity, including the best means for detecting and managing an attack.
• In coordination with SOC, monitor and analyze security logs, alerts, and events, participate in incident response activities, including investigating and remediating security incidents, and implementing preventive measures.
• Work with systems engineers to develop, implement and audit the security standards for existing technologies, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools.
• Conduct periodic audits and security assessments of on-premises servers and cloud environments to ensure compliance with internal policies and regulatory requirements.
• Provide guidance and training to employees on cybersecurity best practices, awareness, and incident response protocols.
• Monitor and enforce compliance with regulatory requirements, such as GDPR, ISO 27001, and NIST, as applicable to on-premises servers and cloud infrastructure.
• Work with developers to ensure code scans are performed and high risk items are resolved and tested prior to release.

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• Complete risk survey and customer due diligence reports as required.

Qualifications and Characteristics:

• BS in Information Technology, Computer Science / Engineering and 5- 10 years of relevant experience. Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable.
• Experience with securing on-premises servers and virtualization technologies (e.g., VMware, Hyper-V).
• Proficiency in securing cloud platforms (AWS, Azure) and familiarity with cloud security controls and services.
• Proven experience working in cybersecurity roles, with a focus on on-premise servers and cloud environments.
• Demonstrated experience in vulnerability assessment and penetration testing tools and methodologies.
• Experience with security incident response, including analyzing and mitigating security incidents.
• Familiarity with security and compliance requirements for the shipping and logistics industry.
• Self-motivated, detail-oriented, and able to work both independently and as part of a team in a fast-paced environment.
• Strong writing and collaboration skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders as well as keep cybersecurity documentation up to date and current.
• Ability to work in an Agile / Scrum environment

Compensation based on experience: $800 - $1,000 USD per month