Cyber Network Analysis Tech 4

About The Position

Requirements

• Must currently hold and be able to maintain US Secret security clearance.
• Experience using DISA ESS.
• DISA ACAS Administrator Training certificate.
• COMPTIA Security+ CE certification.
• 9 years relevant experience with Bachelors in related field OR;
• 7 years relevant experience with Masters in related field OR;
• High School Diploma or equivalent and 13 years relevant experience.

Responsibilities

• Perform security testing and evaluation of servers, workstations, databases, and network fabric devices (i.e. firewalls, switches, routers, load balancers) in order to determine security vulnerabilities and weaknesses, and to create reports of security findings in support of security authorization process.
• Create customized scanning/testing configurations within testing tools to suit security configuration requirements.
• Identify the applicable NIST 800-53 security controls or policies that correspond to any finding identified via manual or automated testing, to a specific CVE, IT technologies, or any other physical or logical subject.
• Perform analysis of cybersecurity directives, policies, and instructions to include, but not limited to: Communications Task Orders (CTOs), Fragmentary/Task/Operation Orders (FRAG/TASK/OPORDs), IA Vulnerability Management (IAVM), Public Key Infrastructure (PKI) guidance, and STIG requirements.
• Track and report compliance status in the Vulnerability Remediation Asset Manager (VRAM) and similar reporting tools as applicable
• Ensure current security testing and evaluation software is sufficient to the task of conducting infrastructure security testing and regularly look for and recommend additional software that may fill gaps in current security testing toolset.
• Provide subject matter expertise concerning known vulnerabilities, and become knowledgeable of newly released vulnerabilities, and discuss methods of exploitation, methods of mitigation or remediation, severity of impact and other pertinent considerations of vulnerabilities.
• Perform risk analysis/independent verification on security configuration and STIG finding risk reports / POA&Ms for devices on the network.
• Must possess the ability to work independently or work well with a team.

Benefits

• We offer competitive benefits such as best-in-class medical, dental and vision plan choices; wellness resources; employee assistance programs; Savings Plan Options (401(k)); financial planning tools, life insurance; employee discounts; paid holidays and paid time off; tuition reimbursement; as well as early childhood and post-secondary education scholarships.