Cyber Security Analyst

About The Position

Requirements

• Experience analyzing log files, firewall logs, and IDS Logs to identify possible threats to network security, and to perform command and control functions in response to incidents. If not 8570 certified at contract start must be within six months.
• Experience in Host Based Security Systems (HBSS), ACAS vulnerability scanning software, knowledge of and experience with Security Information and Events Manager (SIEM) analysis and administration, as well as Information Assurance Vulnerability Alert (IAVA) management.
• Excellent verbal, written and interpersonal communication skills, excellent organizational and multi-tasking skills.
• Great analytical, critical thinking and problem-solving abilities.
• Superior presentation and negotiation skills.
• Strong management and organizational skills.
• Adaptable and capable of working in fast-paced environments.
• Proficient in Microsoft Word, Excel, PowerPoint, and SharePoint
• Bachelor's degree in IT, Cyber Security or related field or seven years of IT work experience
• Demonstrated work experience as Cyber Security Analyst in DoD or Federal government environments
• Two or more years' experience performing vulnerability scans using Tenable SecurityCenter (Tenable.sc) or ACAS
• Must possess appropriate DISA ESS certifications and experience.
• Must be DoD 8570 certified at IAT Level 3 or higher (e.g., CASP+, CCNP Security, CISA, CISSP, GCED, GCIH, or CCSP)
• Must be US citizen
• Must possess active secret security clearance or higher
• Must be able to pass pre-employment background check

Nice To Haves

• Bachelor's degree in IT, IM, or Cyber Security
• ACAS certification obtained within the last three (3) years, preferred
• HBSS Administrator certification obtained within the last three (3) years, preferred

Responsibilities

• Conduct vulnerability scans of IT assets as requested from tickets or as directed by Cybersecurity Manager.
• Apply knowledge of monitoring, analyzing, detecting, and responding to Cyber events and incidents within information systems and networks.
• Advise on an integrated, dynamic Cyber defense and leverage Cybersecurity solutions to deliver Cybersecurity operational services, including intrusion detection and prevention, situational awareness of network intrusions, security events, and data spillage, and incident response actions.
• Assess IT assets for cybersecurity compliance in accordance with DISA STIGs requirements.
• Develop POA&Ms to track any Overdue vulnerabilities or STIG deviations
• Review and investigate security alerts and incidents from Microsoft 365 Defender
• Utilize eMASS to maintain and update POA&M status
• Review device compliance status from HBSS
• Work with other NEC Operations team members to remediate and mitigate security vulnerabilities.
• Review the latest Cybersecurity intelligence information and provide recommendations to improve the Cybersecurity posture.
• Perform other duties as appropriate and as assigned.

Benefits

• paid holidays
• paid time off
• 401K with employer match
• dental
• vision
• health insurance plans
• life and disability benefits