Cyber Security Analyst Columbia, MD
Monitor network traffic to identify, analyze and prevent cyber-attacks and intrusions. Assist in projects and tasks aimed to decrease the companies cyber threat landscape. Help develop and maintain cybersecurity standards and baselines to ensure Controlled Unclassified Information (CUI), Cybersecurity Maturity Model Compliance (CMMC) and Risk Management Framework (RMF) regulations are adhered to.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
include the following; other duties may be assigned as needed.
- Proactive network monitoring to identify and/or prevent cybersecurity/network incidents
- Incident triage to determine scope, urgency, and potential impact; identify the vulnerability and make recommendations for swift remediation
- Performs cybersecurity trend analysis and reporting
- Ensuring compliance with current cyber security policies, concepts, and measures
- Optimize internal network design to promote a strong network security posture
- Development and maintain the company System Security Plan (SSP) and Plan of Action and Milestones (POAM)
- Construct relevant technology policies to ensure compliance with NIST 800-171, CUI, CMMC and RMF.
- Develop, maintain, and oversee the system security program and policies for their assigned area of responsibility
- Ensuring the fulfillment of IO data requirements (e.g., storage, processing, Assured File Transfer (AFT), incident response, collection, dissemination, and disposal).
- Implement security controls to protect the system, in coordination with system stakeholders
- Ensuring configuration management policies and procedures are followed
QUALIFICATIONS: The requirements listed below are representative of the knowledge, skill, and/or ability required.
Education and Desired Certifications:
- Bachelor’s degree in a related discipline with 3-5 years related experience, and/or equivalent training, experience and certification
- IAT Level II (GSEC, Security+, SSCP, CCNA-Security)
- MSCE, MCITP, etc.
- CCNA, CCNP, etc.
Knowledge and Experience:
- Strong understanding of common network protocols, network security devices and Microsoft operating systems
- Hands on computer intrusion analysis, detection and incident response experience
- Participation in security audit, compliance and risk assessment practices
- Familiarity with windows local/group security policy and the windows registry
- Microsoft PowerShell and other scripting languages
- OS hardening and DOD applicable Security Technical Implementation Guides (STIGs)
- Security Information and Event Management (SIEM) technologies
- Management of antivirus and advanced endpoint protection
- Familiar with NIST 800-171 compliance requirements
- Understanding of CMMC level 3 and above requirements
- Microsoft 365/Office 365 administration and user support
Other Skills and Abilities:
- Define problems, collect data, establish facts, and draw valid and concise conclusions.
- Exceptional technical documentation writing
- Effectively communicate complex subject matter both verbally and in writing.
- Ability to work well in a team environment with all departments, as well as individually.