Job Title - Cyber Security Analyst
Location - Alexandria, VA.
Onsite – Monday to Friday
Interview process-In-person interview is a MUST
Essential Duties and Responsibilities:
Vulnerability Management:
- Administer and support VRE''s vulnerability management program using Qualys VMDR.
- Review vulnerability scan results, prioritize findings based on risk, and coordinate remediation activities.
- Track remediation efforts and provide reporting on security posture and risk reduction.
- Assist with patch management coordination and validation.
Security Operations & Incident Response:
- Monitor and review security alerts generated by Microsoft security tools and third-party security providers.
- Coordinate with VRE''s Managed Detection and Response (MDR) provider on threat investigations and incident response activities.
- Assist with security incident documentation, tracking, and post-incident analysis.
- Support cybersecurity awareness and security best practices across the organization.
Identity & Access Management
- Administer and support Microsoft Entra ID environments.
- Manage user access, group memberships, and role assignments.
- Assist with Privileged Identity Management (PIM) and Privileged Access Management (PAM) processes.
- Support implementation and enforcement of least-privilege access principles.
- Participate in periodic access reviews and audits.
Network & Infrastructure Security
- Assist with security administration and monitoring of network security technologies, including Meraki MX firewalls.
- Collaborate with network administrators to identify and address security risks.
- Review firewall rules and security configurations to ensure compliance with organizational standards.
- Support network security assessments and recommendations.
Security Assessments & Compliance
- Review and analyze penetration test results and vulnerability assessments.
- Assist in translating technical findings into actionable remediation plans.
- Support cybersecurity audits, risk assessments, and compliance initiatives.
- Maintain cybersecurity documentation, procedures, and reports.
Required Qualifications
Education
- Bachelor''s degree in Cybersecurity, Information Technology, Computer Science, or a related field; OR
- Equivalent combination of education, certifications, military experience, technical training, and relevant work experience.
Experience
- 2-4 years of experience in cybersecurity, information technology, systems administration, or a related field.
- Experience supporting Microsoft environments preferred.
- Exposure to vulnerability management, security operations, or identity management preferred.
Technical Knowledge
Familiarity with one or more of the following technologies:
- Microsoft Entra ID (Azure AD)
- Microsoft Defender Security Suite
- Microsoft 365 Security & Compliance tools
- Vulnerability management platforms (Qualys preferred)
- Identity and Access Management (IAM)
- Privileged Identity Management (PIM)
- Privileged Access Management (PAM)
- Network security concepts and firewall administration
- Security monitoring and incident response processes
Preferred Qualifications
- CompTIA Security+ certification.
- Microsoft Security, Compliance, and Identity Fundamentals (SC-900).
- Microsoft Security Operations Analyst (SC-200).
- Experience with Qualys VMDR.
- Experience with Microsoft E5 security capabilities.
- Experience working with Managed Security Service Providers (MSSP/MDR).
- Experience reviewing penetration testing results and remediation recommendations.