Cyber Security Analyst

The Cybersecurity Analyst has the responsibility for providing 24x7 support while ensuring the confidentiality, integrity and availability of the company information systems.

U.S. Citizenship is required pursuant to their contract with the federal government.

No Relocation.

The incumbent works as part of a hands-on onsite Cybersecurity Team who will be responsible for providing support to detect, respond, mitigate, and report cyber threats and attacks to appropriate personnel. Develops and administers processes and procedures that are compliant with National Institute of Standards and Technology (NIST) Cybersecurity Framework and other regulatory requirements. Monitors and maintains security infrastructure. Performs administration, monitoring, and maintenance of assigned information and cyber security program components to ensure safeguarding of data. Researches scenarios and compose messaging for the Employee Security Awareness program. Actively participates in administering and monitoring the Vulnerability Management Program, analyzing vulnerability issues in a timely and accurate fashion. Provides technical assistance, direction, and guidance necessary with information security initiatives. The Cybersecurity Analyst will also be responsible for providing excellent customer service, leading security related projects, and demonstrating great teamwork. Due to the work involved on our affiliate s assets,

U.S. Citizenship is required pursuant to their contract with the federal government.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Proactively monitors the environment to detect and implement steps to mitigate cyber-attacks before they occur, including:

o Monitors security-related resources for new and emerging cyber threats

o Independently reviews, investigates, and responds to real-time alerts within the environment

o Independently reviews real-time and historical reports for security and/or compliance violations

o Communicates with senior cybersecurity personnel and IT management relating to critical incidents and strategic security requirements

Reviews system audit logs and the logs of other cybersecurity solutions

Develops and executes Security Awareness activities (including recommended training) to keep employees and external customers abreast of developments and requirements of the Information and Cyber Security Program

Works with Security Operations Center (SOC) analysts and management to triage and respond to security alerts. Coordinates assessment, containment and eradication with the Incident Response Team. Coordinates tuning of preventative and detective security controls to increase fidelity and reduce false positives

Manages threat lists (e.g. whitelists, blacklists, etc.)

Ensures vulnerabilities are remediated according to established plans, including: o Independently running internal vulnerability/penetration testing tools as instructed o Independently researches and recommends security patches (includes firmware, operating systems, and software) for cybersecurity solutions

o Independently evaluates the security impact of software changes

o Helps monitor vulnerability and threat services to understand current risk, recommend response and mitigation/countermeasure strategies

Works with business units and end users to create new and enhance existing Data Loss Prevention (DLP) rules to expand the protection of Company data

Conducts independent research into and provide informed opinions on the selection of 3rd party vendors and the process of TableTop cybersecurity exercises for all business units

Composes or reviews cybersecurity incident response plans and runbooks and create or verify automation methods for plan and runbook implementation

Recommends updates to IT security policies and procedures

Other related duties as required

REQUIRED EDUCATIONS and EXPERIENCE:

High School Diploma or equivalent

Minimum of three years experience in information technology, information technology security or cyber security related fields is required

At least one year of cyber security incident collection, analysis, and reporting process procedures desired

Hands-on experience in supporting and maintaining information technology and cyber security tools and technologies (endpoint protection, vulnerability and patch management, desktop management, mobile security, and alerting and monitoring utilities) desired

Security + and/or Network+ certification desired

TECHNICAL KNOWLEDGE, SKILLS AND COMPETENCIES:

Fundamental understanding of computer networking (TCIP/IP)

Hands-on experience in supporting Microsoft Windows and Linux Operating Systems (OS) and platforms

Knowledge of cyber threats and vulnerabilities

Knowledge of adversarial tactics, techniques, and procedures

Scripting experience (PowerShell or Python) is a plus

Ability to analyze complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner

Ability to produce high-quality work in a timely fashion in a fast-paced environment

Ability to work on multiple projects and tasks while remaining detail oriented