Cyber Security Analyst

Cyber Security Analyst

This position requires the ability to obtain and maintain a Public Trust.

Criterion is seeking a Cyber Security Analyst to protect computer systems and networks from potential threats and vulnerabilities. The Cyber Security Analyst monitors and analyzes security incidents, conducts risk assessments, implements security measures, performs vulnerability assessments, and supports cybersecurity compliance initiatives. This role plays a critical part in protecting enterprise information systems while supporting mission-critical operations and regulatory requirements.

Compensation & Benefits

Estimated Starting Salary Range for Cyber Security Analyst: $150,000 - $155,000

Pay commensurate with experience.

Full-time benefits include Medical, Dental, Vision, 401(k), and other possible benefits as provided. Benefits are subject to change with or without notice.

Cyber Security Analyst Responsibilities Include

• Review, submit, and track Authority to Operate (ATO) packages.
• Evaluate existing mission systems and cybersecurity posture.
• Create, review, and recommend Standard Operating Procedures (SOPs) and templates in accordance with applicable regulations, policies, and best business practices.
• Review business processes and provide Risk Management Framework (RMF) guidance and documentation support.
• Pull, analyze, and report on Host-Based Security System (HBSS) data.
• Provide RMF recommendations and assist with preparation, delivery, tracking, and monitoring of RMF artifacts and documentation.
• Support security reporting requirements associated with network operations, deployments, DISA STIG compliance, encryption initiatives, and security mandates.
• Respond to questions, taskers, and data calls from government stakeholders and partner organizations.
• Support authorization and accreditation activities for systems, applications, and infrastructure.
• Identify, mitigate, and resolve cybersecurity issues and concerns.
• Conduct vulnerability assessments utilizing ACAS, SCC, and other approved tools.
• Support Information Assurance Vulnerability Alert (IAVA) compliance and reporting requirements.
• Perform remediation, imaging, and threat mitigation activities.
• Support Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), vulnerability scanning solutions, anti-virus platforms, HBSS, firewalls, web filtering solutions, and VPN technologies.
• Implement and manage RMF processes for information systems and networks.
• Ensure Accreditation and Authorization (A&A) documentation remains compliant with applicable regulations and guidance.
• Develop and maintain documentation supporting Authority to Operate (ATO), Authority to Connect (ATC), Certificate of Networthiness (CON), and System Security Plan (SSP) requirements.
• Conduct RMF validation activities and security control assessments.
• Verify implementation of cybersecurity controls and security requirements.
• Implement emerging cybersecurity solutions and best practices.
• Provide cybersecurity guidance and support to system owners and stakeholders.
• Participate in incident response and spillage handling activities.
• Monitor and report IAVM metrics and vulnerability status.
• Support cybersecurity education, awareness, and training initiatives.
• Conduct security assessments including:
  • Security policy development
  • Security engineering and architecture design
  • Operational security management
  • Network security testing and evaluation
  • Computer security incident response
  • Vulnerability analysis
  • Malicious code analysis
  • Security risk assessment
  • Security certification and accreditation
  • Assess and Authorize (A&A)
  • Risk analysis
  • Trending analysis
  • Event and Incident analysis
• Document current security posture, identify vulnerabilities, and provide mitigation recommendations.
• Perform other job-related duties as assigned.

Cyber Security Analyst Experience, Education, Skills, Abilities Requested

Education & Experience

• Bachelor’s Degree in Computer Science, Information Systems, or a related field.
• Minimum three (3) years of IT experience in a mid-to-large enterprise environment.

Required Skills & Qualifications

• Strong knowledge of information assurance policies and procedures.
• Experience supporting software, system, and enclave authorization and accreditation processes.
• Knowledge of systems architecture, security risk analysis, risk mitigation reporting, and vulnerability assessments.
• Experience supporting cybersecurity regulatory compliance and program management initiatives.
• Extensive experience with:
  • SCCM
  • Group Policy Management
  • Active Directory Services
  • Operating System image management
  • Patch management
  • Security update deployment
• Extensive experience conducting ACAS scans, reporting, and remediation.
• Knowledge of eMASS and POA&M management.
• Skilled in RMF implementation and continuous monitoring.
• Experience creating and testing Continuity of Operations Plans (COOP).
• Experience reviewing security logs, SCAP scans, and HBSS reports.
• Ability to deploy applications and operating system images through enterprise ticketing systems.
• Ability to validate deployed images are free from vulnerabilities before release.
• Ability to analyze cybersecurity risks and provide effective mitigation strategies.
• Security+ Certification required.
• Ability to obtain and maintain a Public Trust.
• Must pass pre-employment qualifications.

Similar Searchable Job Titles

• Information Security Analyst
• Security Operations Analyst
• Incident Response Analyst
• Threat Intelligence Analyst
• Security Analyst

Keywords

• Threat Detection
• Incident Response
• Vulnerability Assessment
• Security Monitoring
• Risk Mitigation

Company Information

Criterion provides support, services, and solutions to federal government customers. The company takes a personalized approach to solving clients’ toughest challenges while helping professionals maximize their expertise and career growth. Criterion is part of Cherokee Federal — a team of tribally owned federal contracting companies supporting mission-critical programs across the federal sector.

#CherokeeFederal #LI-REMOTE 

Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, Accommodation request, and Presidential EO 14042 Notice.