Security Analyst III

Bowman Consulting Group, Ltd.Reston, VA
Onsite

About The Position

Bowman has an opportunity for a Security Analyst III to join our team in Virginia. At Bowman, we believe in creating opportunities for aspiring people to thrive and achieve ambitious goals. That’s why a career at Bowman is more than a job. It is an opportunity to be part of a diverse and engaged community of professionals, to be treated as a respected and valued member of a motivated team and to be empowered to do exceptional work that advances the best interest of everyone involved. We recognize the importance of creating a work environment that is both rewarding to our employees and supportive of our unwavering commitment to provide unparalleled service to our clients. Serves as a senior member of the Information Security team and is responsible for advancing Bowman’s cybersecurity posture through proactive monitoring, threat detection, incident investigation, and risk management. This role partners across IT, infrastructure, cloud, and business teams to protect sensitive information, strengthen security controls, and enable secure business operations while acting as a trusted security advisor.

Requirements

  • Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).
  • Five or more (5+) years of experience in cybersecurity, security operations, IT infrastructure, or related discipline.
  • Experience investigating cybersecurity incidents, phishing campaigns, malware events, and unauthorized access attempts.
  • Strong understanding of operating systems (Windows, Linux, macOS) and enterprise security principles.
  • Working knowledge of networking, endpoint security, identity and access management, vulnerability management, and incident response.
  • Experience supporting vulnerability assessments, remediation efforts, and security monitoring programs.
  • Experience with enterprise security tools such as CrowdStrike, Microsoft Defender, Microsoft Sentinel, SIEM, EDR, vulnerability management, or identity security platforms.
  • Familiarity with security frameworks such as NIST CSF, NIST 800-53, CIS Controls, or ISO 27001.
  • Experience with cloud security and Microsoft security technologies.
  • Strong analytical, problem-solving, and communication skills.

Nice To Haves

  • Preferred certifications: Security+, CySA+, CISSP, GIAC, Microsoft Security certifications, or equivalent.

Responsibilities

  • Serve as a subject matter resource for cybersecurity initiatives, projects, and operational activities.
  • Mentor junior analysts and provide guidance during incident investigations and risk assessments.
  • Lead or contribute to cross-functional security initiatives and continuous improvement efforts.
  • Promote security awareness and risk-informed decision-making across the organization.
  • Communicate security risks, findings, and recommendations to both technical and non-technical stakeholders.
  • Partner with IT, infrastructure, cloud, and business teams to identify and mitigate security risks.
  • Support cybersecurity compliance initiatives, audits, and regulatory requirements.
  • Conduct risk assessments and evaluate security controls against industry frameworks (e.g., NIST, CIS, ISO).
  • Assist in developing and maintaining security policies, standards, procedures, and guidelines.
  • Contribute to the organization’s overall security program maturity and continuous improvement.
  • Evaluate emerging threats, technologies, and digital transformation initiatives from a security perspective.
  • Monitor and triage security alerts across enterprise systems, networks, endpoints, cloud platforms, and applications.
  • Investigate and respond to security incidents, including phishing, malware, unauthorized access, and indicators of compromise.
  • Lead complex incident investigations and coordinate response efforts with internal and external stakeholders.
  • Develop and maintain incident response procedures, playbooks, and escalation processes.
  • Support vulnerability management activities including validation, prioritization, and remediation tracking.
  • Administer, tune, and optimize cybersecurity tools to improve detection and response capabilities.
  • Develop detection logic, security use cases, and automated workflows to enhance operational effectiveness.
  • Perform security testing, control validation, and risk assessments.
  • Monitor cloud environments and SaaS platforms for security risks and suspicious activity.
  • Maintain documentation of security investigations, controls, and operational metrics.

Benefits

  • Medical, dental, vision, life, and disability insurance
  • 401(k) retirement savings plan with company match
  • Paid time off, sick leave, and paid holidays
  • Tuition reimbursement and professional development support
  • Discretionary bonuses and other performance-based incentives
  • Employee Assistance Program (EAP), wellness initiatives, and employee discounts
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service