Security Analyst

  • Reston, VA
  • Posted 1 day ago | Updated 11 hours ago

Overview

On Site
Hybrid
Depends on Experience
Contract - Independent
Contract - W2
Contract - 12 Month(s)

Skills

Vulnerability Management
PL/SQL
Vulnerability Scanners
CISA
Kenna
NIST
CRISC
CIA
CISM

Job Details

The Systems Security Analyst IV role will deliver on the following responsibilities:

  • Contribute to the team responsible for conducting full governance lifecycle analysis for Vulnerability Management process includes monitoring, assessment, and oversight.
  • Contribute to the team responsible for determining business areas that pose potential threats to the enterprise
  • Manage information monitoring and processes to reduce risk using rigorous analysis
  • Oversee the effective and efficient remediation efforts of vulnerabilities.

Qualifications:

  • Experienced analyzing data to assess and identify potential security weaknesses in systems, networks, and application.
  • Experienced evaluating the risk of vulnerabilities, prioritize remediation efforts, and work with teams to implement fixes and mitigations
  • Experienced researching vulnerabilities, emerging threats, and best practices in vulnerability management
  • Experienced providing reports and analysis to management and other stakeholders, communicating findings and recommended actions
  • Assist in coordinating and resolving security incidents related to identified vulnerabilities

Skills:

  • Proven 5 plus years of work experience with vulnerability management including vulnerability assessment
  • 5 plus years of work experience with system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
  • Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities
  • Work experience with vulnerability scanners such as Wiz, Tenable, NexusIQ, etc
  • Strong understanding of emerging threat intelligence (CISA, Kenna, etc )
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles
  • Knowledge of how traffic flows across the network
  • Knowledge of application vulnerabilities
  • NIST Cybersecurity framework (CSF), NIST Risk Management Framework (RMF) are a plus
  • Certifications: CISA, CRISC, CIA, CISM, and/or CISSP are a plus

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.