Security Analyst

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
• 5–8 years of cybersecurity, information assurance, or information security experience.
• Experience supporting federal cybersecurity programs and compliance requirements.
• Knowledge of NIST Cybersecurity Framework, NIST 800-53, RMF, FISMA, and federal security requirements.
• Experience conducting security assessments, vulnerability management, and risk analysis.
• Experience supporting system authorization and continuous monitoring activities.
• Strong analytical, problem-solving, and communication skills.
• Ability to obtain and maintain a federal background investigation.
• Security+
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Ethical Hacker (CEH)

Nice To Haves

• Experience supporting NIH, HHS, or other federal civilian agencies.
• Experience with Splunk, Tenable, Nessus, Microsoft Defender, or similar security tools.
• Experience supporting cloud environments including Azure or AWS.
• Experience with security incident response and threat hunting.
• Experience supporting biomedical research, scientific computing, or healthcare IT environments.

Responsibilities

• Monitor, analyze, and respond to cybersecurity events, incidents, and vulnerabilities.
• Support security monitoring, threat detection, and incident response activities.
• Conduct security assessments and identify potential risks and weaknesses.
• Recommend and implement corrective actions to improve security posture.
• Assist in the development and maintenance of security procedures and standards.
• Support Risk Management Framework (RMF) activities.
• Assist with security control assessments, testing, and documentation.
• Develop and maintain System Security Plans (SSPs), POA&Ms, security assessments, and supporting documentation.
• Ensure compliance with federal cybersecurity requirements, policies, and standards.
• Support system authorization and continuous monitoring activities.
• Analyze vulnerability scan results and coordinate remediation activities.
• Track remediation efforts and ensure timely resolution of identified findings.
• Collaborate with infrastructure and application teams to address security risks.
• Provide recommendations for security hardening and configuration management.
• Evaluate security controls and system configurations.
• Support implementation of cybersecurity technologies and solutions.
• Assist with identity and access management activities.
• Participate in security architecture reviews and technology evaluations.
• Support cloud security and modernization initiatives as required.
• Prepare security reports, risk assessments, and compliance documentation.
• Present findings and recommendations to technical and non-technical stakeholders.
• Support audits, inspections, and security reviews.
• Maintain effective communication with government leadership and project teams.
• Perform other duties as assigned

Benefits

• Comprehensive Medical, Dental, and Vision Insurance
• Employer-Paid Life Insurance
• Employer-Paid Short-Term and Long-Term Disability Insurance
• 401(k)
• Paid Time Off (PTO) that includes Vacation Leave, Sick Leave, and 11 Paid Holidays
• Educational Assistance