Summary: The Cybersecurity Analyst will safeguard systems and data from cyber threats, ensuring security and compliance within a global supply chain solutions provider. Highlights: 1. Ensuring security and integrity of on-premises and cloud infrastructure 2. Working with a global company on cybersecurity documentation and policies 3. Innovative approach to logistics through digital transformation **100% Remote, Independent contractor agreement role for 2\+ years** **Professional English is a must** **Please submit your resume in English** **8am \- 5pm EST time zone (subject to change)** **Paid monthly based on experience** **Must live in the Medellín Metro Area** **Be a part of EFL Global!** EFL Global, is a leading global supply chain solutions provider headquartered in Sri Lanka and backed by a global network across 70\+ offices in 33 countries throughout Asia, Africa, Middle East and USA. While offering an extensive range of supply chain solutions including freight, 3PL and inland transportation, EFL embraces an innovative approach to logistics by using digital technologies to create new age business processes and customer experiences. As a progressive organization that continues to expand via digital transformation, we are looking for dynamic individuals who strive to pursue a career at EFL within a rapidly growing business environment. The Cybersecurity Analyst will be responsible for ensuring the security and integrity of our on\-premises and cloud based infrastructure. You will play a critical role in safeguarding our systems and data from cyber threats, implementing best practices, and ensuring compliance with industry standards and regulations. A large part of this role will be working with various groups within a global company to ensure the company's cybersecurity documentation and policies are in line with the shipping and logistics industry.  Conduct bi\-annual vulnerability assessments and penetration testing to identify and address security weaknesses and potential threats.  Conduct quarterly reviews of access controls on business critical system accounts and in coordination with system owners ensure users have proper access.  Conduct tabletop exercises to measure readiness for: o Offboarding of a user account (privileged account or urgent situation) o Data recovery o Server recovery o Business continuity  Procure applicable Security Technical Implementation Guides (STIG) documents and work with DevOps teams to automate the application of STIG CAT 1 controls.  Stay informed on the latest Zero day exploits, high risk vulnerabilities and trends in cyber security including the best means for detecting and managing an attack.  In coordination with SOC, monitor and analyze security logs, alerts, and events, participate in incident response activities, including investigating and remediating security incidents, and implementing preventive measures.  Work with systems engineers to develop, implement and audit the security standards for existing technologies, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools.  Conduct periodic audits and security assessments of on\-premises servers and cloud environments to ensure compliance with internal policies and regulatory requirements.  Provide guidance and training to employees on cybersecurity best practices, awareness, and incident response protocols.  Monitor and enforce compliance with regulatory requirements, such as GDPR, ISO 27001, and NIST, as applicable to on\-premises servers and cloud infrastructure.  Work with developers to ensure code scans are performed and high risk items are resolved and tested prior to release.  Complete risk survey and customer due diligence reports as required. **Qualifications:**  BS in Information Technology, Computer Science / Engineering and 5\- 10 years of relevant experience. Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable.  Experience with securing on\-premises servers and virtualization technologies (e.g., VMware, Hyper\-V).  Proficiency in securing cloud platforms (AWS, Azure) and familiarity with cloud security controls and services.  Proven experience working in cybersecurity roles, with a focus on on\-premise servers and cloud environments.  Demonstrated experience in vulnerability assessment and penetration testing tools and methodologies.  Experience with security incident response, including analyzing and mitigating security incidents.  Familiarity with security and compliance requirements for the shipping and logistics industry.  Self\-motivated, detail\-oriented, and able to work both independently and as part of a team in a fast\-paced environment.  Strong writing and collaboration skills, with the ability to effectively convey complex security concepts to technical and non\-technical stakeholders as well as keep cybersecurity documentation up to date and current.  Ability to work in an Agile / Scrum environment. Job Types: Full\-time, Contract Contract length: 24 months Education: * Bachelor's (Required) Experience: * Cybersecurity : 3 years (Required) * VMware, Hyper\-V: 3 years (Required) * cloud platforms (AWS, Azure): 3 years (Required) Language: * Professional English (Required) Location: * Medellín, Antioquia (Required) Work Location: Remote