Overview:
GovCIO is currently hiring a Cybersecurity Analyst to enhance our organization's cybersecurity program. This role is pivotal in safeguarding our digital assets, ensuring compliance with industry standards, driving the adoption of cutting-edge security practices and providing technical and process guidance to delivery organizations. This position will be located in Fairfax, VA and will be an onsite or fully remote position within the United States.
Responsibilities:
Correlates threat data from various sources to establish the identity and modus operandi of hackers active in the company's networks and posing a potential threat. Provides assessments and reports facilitating situational awareness and understanding of current cyber threats and adversaries. Develops cyber threat profiles based on geographic region, country, group, or individual actors. Produces cyber threat assessments based on entity threat analysis. May provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
KEY DUTIES AND RESPONSIBILITIES:
* Support the design, implementation, and oversight of the company's comprehensive cybersecurity program, aligning with business objectives and regulatory requirements.
* Aid in the development, documentation and enforcement of security policies, procedures, and protocols to protect digital infrastructure from threats and vulnerabilities.
* Research and respond to cyber alerts to assess risk and impact.
* Work closely with SOC provider to define/monitor cyber metrics, SOC performance and threat analyses.
* Identify, report on, and coordinate remediation of cyberthreats.
* Support cyber program efforts to achieve and/or maintain critical cybersecurity certifications (e.g., ISO 27001, CMMC, etc.).
* Leverage technical knowledge of computer systems and networks with cyber threat information to assess the company's security posture.
* Conduct intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber-attacks.
* Research hackers, hacker techniques, vulnerabilities, exploits, and provide detailed briefings and intelligence reports to leadership.
Qualifications:
Required Skills and Experience
* Bachelor's with 0 - 2 years (or commensurate experience)
* Eligible for Top Secret clearance (or higher)
* Experience with corporate cyber security certification requirements and programs
* Experience with vulnerability identification and management solutions, metrics and monitoring
* Experience with identity management solutions and SIEM software
* Relevant expertise/skills needed:
  * Threat Hunting, Threat Detection & Incident Response (TDIR): Expertise in hunting for IOCs prior to detection or alerting. Experience identifying, analyzing, and responding to threats using SIEM, EDR, and SOAR tools (e.g., Rapid7 InsightIDR). Ability to lead investigations, incident responses and post-incident reviews.
  * Communication & Documentation: Strong written and verbal communication skills. Ability to document procedures, write incident reports, and explain technical issues to non-technical stakeholders.
  * Vulnerability Management & Pen Testing: Skilled in scanning, researching, prioritizing, and remediating vulnerabilities. Experience with tools like Rapid7 InsightVM (Nexpose), Nessus, and Qualys, and knowledge of CVSS scoring and exploit chains.
  * Governance, Risk & Compliance (GRC): Working knowledge of NIST, ISO 27001, CIS Controls, and regulatory requirements such as CMMC and FedRAMP. Ability to support audits, write policies, and conduct risk assessments.
  * Cloud Security: Hands-on experience securing cloud workloads, administering IAM, and configuring security services in Azure/AWS.
Preferred Skills and Experience
* CISSP certification or higher
* Understanding of network and computing architectures
* Knowledge of secure coding practices
* Familiarity with zero trust, segmentation, and secure baselines
Clearance Required: The ability to obtain and maintain a Top Secret Clearance. Not needed initially but may need to acquire.