Cybersecurity Analyst - Mid

ASM Research•Germantown, MD

12d

About The Position

Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate data and cyber security risks. Develops acceptance criteria for cybersecurity architecture. Investigates computer and information security incidents to determine extent of compromise to national security information and automated information systems. Assists with defining security objectives and system-level performance requirements. Researches and stays abreast of relevant regulations and standards, threat intelligence feeds, tools, techniques, countermeasures, and trends in computer network vulnerabilities. Configures and validates secure systems, tests security products/systems to detect computer and information security weaknesses. Mains the computer and information security incident, damage and threat assessment programs. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Involved in the periodic conduct of a review of each system's audits and monitors corrective actions until all actions are closed. Supports the development of integrated system solutions ensuring proprietary/confidential data and systems are protected. Involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Conduct or support security awareness training programs for staff and users to promote a culture of security within the organization. Performs regular risk assessments to identify potential security threats and vulnerabilities. Develops and implements risk mitigation strategies. Assist in the development, implementation, and enforcement of security policies, standards, and procedures. Develops and update proactive incident response plans to ensure preparedness for potential security breaches. Participates in incident response drills and exercises. Evaluate the security practices of vendors and third-party service providers that are part of the enterprise architecture. Ensures that third-party services comply with the organization's security policies and standards. Prepare detailed reports on security incidents, findings, and recommendations. Maintain thorough documentation of security processes, procedures, and configurations.

Requirements

Bachelor's Degree in Computer Science or a related field or equivalent experience.
5+ years of relevant work experience.
Must be able to communicate effectively and clearly present technical approaches and findings.
Exercises a limited degree of latitude in determining technical objectives of assignments.
Excellent attention to detail.
Must be able to balance multiple tasks simultaneously.

Responsibilities

Creates cyber-intelligence tools / methods
Performs research and analysis in order to mitigate and eliminate data and cyber security risks
Develops acceptance criteria for cybersecurity architecture
Investigates computer and information security incidents to determine extent of compromise to national security information and automated information systems
Assists with defining security objectives and system-level performance requirements
Researches and stays abreast of relevant regulations and standards, threat intelligence feeds, tools, techniques, countermeasures, and trends in computer network vulnerabilities
Configures and validates secure systems
Tests security products/systems to detect computer and information security weaknesses
Maintains the computer and information security incident, damage and threat assessment programs
Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports
Involved in the periodic conduct of a review of each system's audits and monitors corrective actions until all actions are closed
Supports the development of integrated system solutions ensuring proprietary/confidential data and systems are protected
Involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems
Conduct or support security awareness training programs for staff and users to promote a culture of security within the organization
Performs regular risk assessments to identify potential security threats and vulnerabilities
Develops and implements risk mitigation strategies
Assist in the development, implementation, and enforcement of security policies, standards, and procedures
Develops and update proactive incident response plans to ensure preparedness for potential security breaches
Participates in incident response drills and exercises
Evaluate the security practices of vendors and third-party service providers that are part of the enterprise architecture
Ensures that third-party services comply with the organization's security policies and standards
Prepare detailed reports on security incidents, findings, and recommendations
Maintain thorough documentation of security processes, procedures, and configurations