Cyber Security Analyst

Blue Cloak is seeking a Senior Cyber Security Analyst, to serve as a Blue Team Vulnerability Assessment subject matter expert. Conducts Blue Team risk and vulnerability assessment at the network, system and application levels. Conducts cyber threat modeling exercises with commercial tools such as Red Seal, Sky Box or like tools. Ensure applicable Blue Team Vulnerability Assessment discipline is applied. Leverage customer/contractual Vulnerability Assessment Process Framework to include documentation creation and review as it relates the assessment, document risk/issues. Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.

JOB DESCRIPTION

• Candidate must have an active Top-Secret Clearance and be eligible to obtain SCI with CI Poly.
• Must have thorough understanding in a wide range of security issues including vulnerability assessment architectures, firewalls, electronic data traffic, and network access. Experience with utilizing commercial tools such as NESSUS, KIBANA, RedSeal, Lancope, WireShark, Security Onion Linux, etc. Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy. Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and mitigate vulnerabilities, and intrusions. Assists in the implementation of the required government security policy ICD/503 (NIST RMF) in support of Cyber lab environment.
• Performs analysis to validate established security requirements and to recommend additional security requirements and safeguards. Support cyber metrics development, maintenance and reporting. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts review of each system's audits and monitors corrective actions until all actions are closed. Experience with providing briefings to senior staff. Applies advanced technical principles, theories, and concepts. Contributes to development of new principles and concepts. Participates with senior managers to establish strategic plans and objectives: Serves as organization spokesperson on advanced projects and/or programs. Acts as advisor to management and customers on advanced technical research studies and applications.

Qualifications: TYPICAL EDUCATION AND EXPERIENCE: Bachelors and four (4) years or more experience; Masters and two (2) years or more experience; in a Computer Science, Technology, IT, or Cybersecurity field.

DoD Directive 8570 / 8140 IAT II (e.g., Security + or equivalent)

Desired Qualifications: Certified Information Systems Security Professional (CISSP)

Desired Specific Blue Team Skills:

• Identification and Validation of Security Flaws
• Network Mapping / Network Analysis
• Vulnerability Analysis
• Incident Response