Senior Associate, Cyber Intelligence
About The Position
Cybersecurity professional will perform vulnerability and network scans under the guidance of the Information System Security Manager (ISSM) on assigned government-authorized systems. Will be responsible for performing scans of assigned information systems, including vulnerability, network detection and mapping, and controlled interfaces. The candidate must be knowledgeable on a variety of scanning tools, including Tenable Nessus, NMAP, and Nipper, or similar security tools. Additionally, the ISSO must be able to create and interpret scan reports and recommend prioritized remediation plans. Ability to script and develop parsing tools preferred, such as BASH script, Python, PowerShell script, etc.
Requirements
- Bachelor’s Degree and a minimum of 2 years of prior related experience. Graduate Degree or equivalent with 0 to 2 years of prior related experience. In lieu of a degree, minimum of 6 years of prior related experience.
- Active Secret security clearance
Nice To Haves
- Bachelor's or Graduate degree in Cybersecurity or a related discipline from an accredited college is preferred
- CompTIA Security+ CE or equivalent certification or ability to achieve certification within 6 months of selection
- Experience as an ISSO implementing cybersecurity on classified systems
- Experience developing, managing, and providing evidence to close POA&Ms associated with the A&A and project management processes
- Experience with networking equipment; running vulnerability scans and interpreting results (e.g., Tenable Nessus, Assured Compliance Assessment Solution [ACAS], NMAP, etc.)
- ISSO/ISSM experience with eMASS
- Experience with implementing cybersecurity controls under NIST SP 800-53 and DCSA Assessment & Authorization Guide (DAAG)
- Ability to script and develop parsing tools, such as BASH script, Python, PowerShell script, etc.
- Experience with Windows and Linux
- Experience interpreting vulnerability scanning and security log results (Nessus, ACAS, Splunk)
Responsibilities
- Execute scans, generate reports, interpret results, and recommend remediation plans
- Prepare, review, and maintain authorization documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), risk assessments, and supporting artifacts
- Interpret and implement cybersecurity requirements in accordance with RMF, NIST, CNSSI, JSIG, DoD, or other applicable government frameworks and customer directives
- Execute Continuous Monitoring Plans
- Support Security Test and Evaluation (ST&E) activities, including planning, preparation, execution support, analysis of results, and reporting of findings
- Interface with system managers and Information Technology (IT) personnel to track and resolve identified vulnerabilities
- Create, maintain, and update documentation
- Develop new concepts or standards which make significant and impactful improvements to processes, systems, solutions, or products
- Communicate cybersecurity risks, requirements, and compliance status to technical and non-technical stakeholders, including leadership, customers, and external assessors
- Flexibility to adjust to changing requirements, schedules, and priorities
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
