Cyber Security Analyst (SME) - TS/SCI FSP for Dulles
Description:
Job Description
Cyber Security Analyst - TS/SCI Full Scope Poly - Dulles, VA
Clearance Required/Must Have: Active TS/SCI Full Scope Polygraph
Location: Dulles, VA
Type: Full Time (Direct Hire)
Onsite: 100%
In Bid / Vacant: Vacant
Skill Level: SME
Work Authorization: US Citizenship required
Salary: Open
The Cybersecurity Analyst will conduct technical risk assessments, provide risk mitigation guidance, and analyze IT systems and networks for vulnerabilities. The role also involves evaluating system and network operations, diagnosing hardware and software, and staying current with emerging technologies to identify associated risks.
JOB ROLE:
Perform technical risk assessments and provide risk mitigation guidance on enabling technologies.
Gather a Body of Evidence (BOE) and assess artifacts to inform the risk assessor’s judgment.
Apply consistent and systematic investigative practices to assess risks, threats, and vulnerabilities.
Evaluate system or network operations using network management platforms, scanning tools, auditing functions, PCAP captures, and log reviews.
Analyze system, network, or cloud configurations for misconfigured settings and outdated hardware or software.
Remain current with existing and future technologies to identify associated risks.
Guide potential cyber threats, attacks, and exploitations.
Ensure risk mitigation considerations are incorporated early in the development cycle.
Organize and schedule work effectively to manage a caseload.
Track, document, and communicate progress status updates on technical risk assessment reports.
REQUIRED:
Demonstrate experience analyzing IT systems for cybersecurity vulnerabilities.
Demonstrate experience developing IT system or network architecture design, conducting IP data flow analysis, encryption configuration, and vulnerability analysis using both open-source and commercial tools, such as Nmap, Wireshark, Metasploit, Canvas, Kismet, or BackTrack.
Demonstrate experience analyzing IT network configurations of devices such as firewalls, routers, switches, VPNs, or Intrusion Detection/Prevention Systems for cyber security vulnerabilities.
Demonstrate experience with communications protocols such as IP, TCP, UDP, HTTP, HTTPS, MPLS, OSPF, IGRP, BGP, SIP, H.232.
Demonstrate experience with multiple OS’s, including Windows, Linux, and OSX.
Demonstrate experience with Microsoft Windows v7, 8, 10, 2008R2, 2012, 2012R2, or 2016.
Demonstrate experience with cloud computing technology and hypervisors like Hyper-V, VMWare ESX, or Virtual Box.
Demonstrate experience with transitioning security domains and use of cross-domain appliances.
Demonstrate experience with network management, storage, backup, and disaster recovery (DR) architectures.
Demonstrate experience performing technical risk assessments and providing technical risk mitigation guidance.
Demonstrate experience ensuring appropriate risk mitigation considerations, risks, and vulnerabilities are well understood and appropriately mitigated.
Demonstrate experience analyzing procurement processes of hardware, software, and services to comply with cyber security and operational needs.
Demonstrate experience creating concise and well-structured written assessments.
CISSP Certification.
NICE TO HAVE:
Demonstrate experience with the Customer’s IT review boards.
Demonstrate expertise in providing recommendations to IT architecture and design reviews.
Demonstrate experience with the Customer’s security policies and regulations.
Demonstrate experience providing recommendations in technical standards, security standards, and operational assurance.
Demonstrate experience with USG standards such as the Intelligence Community Directive (ICD)
503, Federal Information Processing Standards (FIPS), National Institute of Standards and
Technology (NIST) Special Publication (SP) 800-37, SP 800-39, SP 800-53, SP 800-53A, SP 800-60.
Certified Information Security Manager (CISM), Certified Ethical Hacker.
BENEFITS:
100% company-paid health/dental/vision care benefits, 100% company-paid LTD/STD/Life Insurance benefits, a 401(k) with company match, and a generous holiday/vacation/sick leave policy.
Note:
No 3rd Party Vendors or Candidates
Falsely claiming a TS/SCI (Top Secret / Sensitive Compartmented Information) clearance with a Full-Scope Polygraph (FSP) is illegal. Such a claim can have serious consequences, including civil penalties, employment termination, and criminal charges.
Keywords:
TS/SCI
Cybersecurity Analyst
Hyper-V
VMWare ESX
Protocols