Cyber Security Analyst SME
- Full-Time
- McLean, VA
- CTFV
- Posted 2 years ago – Accepting applications
Job Description
Responsibilities:
The customer is seeking an experienced Technical Investigator with demonstrated Cyber Security experience to conduct assessments for a diverse and integrated range of network technologies. Activities include conducting technical security and risk assessments, drafting assessment reports and memoranda for senior officers; developing and providing assessment briefings, attending customer meetings, and participating in all Sponsor activities related to the assignment. Assessments will focus on operational and technical environments to validate and verify operational and technical requirements, identify points of vulnerability and operational security risks, address non-compliance with established Information Sharing, Identity and Access Management (ldAM), Information Assurance (IA) and standards and regulations, assess and mitigate system security threats/risks throughout the project life cycle, and recommend mitigation strategies.
The position requires candidates with a breadth of knowledge and experience to examine a variety of system and network technologies and operational activities for cyber risks. Activities performed in this capacity include but are not restricted to:
ADDITIONAL SECURITY REVIEW PROCESS RequirementAll personnel coming into the organization undergo an additional security review that can take anywhere from 7 business days to 30 days or more.Qualifications:Required skills:
Desired skills:
Apply to this Job
Work Description: The Cyber Security Analyst candidate will serve as a technical cyber investigator supporting the design, engineering, implementation, and maintenance of various enabling technologies utilized in mission systems/networks and applications. In this capacity, the candidate will be responsible for analyzing network/system topologies from a cyber security and network/system engineering perspective.
The customer is seeking an experienced Technical Investigator with demonstrated Cyber Security experience to conduct assessments for a diverse and integrated range of network technologies. Activities include conducting technical security and risk assessments, drafting assessment reports and memoranda for senior officers; developing and providing assessment briefings, attending customer meetings, and participating in all Sponsor activities related to the assignment. Assessments will focus on operational and technical environments to validate and verify operational and technical requirements, identify points of vulnerability and operational security risks, address non-compliance with established Information Sharing, Identity and Access Management (ldAM), Information Assurance (IA) and standards and regulations, assess and mitigate system security threats/risks throughout the project life cycle, and recommend mitigation strategies.
The position requires candidates with a breadth of knowledge and experience to examine a variety of system and network technologies and operational activities for cyber risks. Activities performed in this capacity include but are not restricted to:
- Lead technical assessments of system/network topologies and write assessment reports based on
- Analyze IP network topologies, technical and operational vulnerabilities and
- Review configurations of IP based network equipment such as routers, switches, firewalls, IDS/IPS, One Way Transfer (OWT) appliances for security policy and deployment guideline compliance, operating system and security patch updates, configuration
- Conduct and evaluate automated system and network scans using tools such as Wireshark, NMap, Nessus, Nipper
- Support external customer projects by providing system and network engineering expertise and cyber guidance in working groups, customer meetings, and in written communications to ensure the projects comply with Agency policy and regulations while fulfilling the customer's operational
- Provide cyber recommendations to architecture and design reviews.
- Evaluate network operations using network management platforms, network scanning tools, auditing functions, and log
- Review procurement processes of hardware, software and services to comply with cyber and operational
- Maintain current knowledge of relevant technology as
- The individual performing this work will be required to work independently with little supervision and should be flexible to support customers located throughout the WMA.
ADDITIONAL SECURITY REVIEW PROCESS RequirementAll personnel coming into the organization undergo an additional security review that can take anywhere from 7 business days to 30 days or more.Qualifications:Required skills:
- 16 years’ work experience and a Bachelor's Degree in Computer Science, Engineering, or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience
- Ten or more years of network/system engineering experience in a secure environment and five or more years supporting mission based TCP/IP networks.
- Experience with planning, configuring, securing, and maintaining IP network products including routers, switches, wireless networking, VPN's, IDS/IPS, Firewalls, One Way Transfer (OWT) appliances.
- Experience with planning, configuring, securing, and/ or maintaining cloud-based services such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud, IBM Cloud.
- Demonstrated experience with communications protocols such as IP, TCP, UDP, MPLS, OSPF, IGRP, BGP.
- Experience with network operating systems such as Cisco iOS, NXOS, JunOS.
- Virtualized Platform (VMware, Virtua Box, Microsoft Hyper -V, QEM U) experience.
- Experience with Windows Server (2012/2016), Windows Workstation (8.X, 10), Linux (Redhat/Debian), OSX operating systems.
- Knowledge and experience with encryption products, methodologies, configuration.
- Experience with Network Packet Capture and System analysis tools such as Wireshark, Snort, NMAP, Nipper Studio, Nessus.
- Experience with Network Management products such as HP OpenView, Solarwinds, Nagios.
- Familiar with cyber security standards such as Intelligence Community Directive (ICD) 503, Committee on National Security Systems Publication (CNSSP) 1253, Federal Information Processing Standards (FIPS) 140-2, 199, 200, National Institute of Standards and Technology (NIST) Special Publications 800-37, 800-39, 800-53.
- Experience with Computer Aided Design programs such as CAD or Visio.
- One or more of the following certifications:
- Amazon Cloud Service Certification (Solutions Architect Associate or higher) or similar cloud certification
- Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP),
- Juniper NCSP, or Juniper NCP
- Microsoft Certified Solutions Associate (MCSA) or Microsoft Certified Solutions Expert (MCSE)
- Red Hat Certified Engineer (RHCE) or Red Hat Certified Security Specialist (RHCSS) or similar Linux certification
- VMWare Certified Professional vSphere 5 (VCPS) or similar virtua l machine certification
- Certified Information Systems Security Professional {CISSP)
Desired skills:
- Experience with VOiP Telephony Systems.
- Firm understanding of business legal structures and business operations (contracts, accounts receivable, accounts payable, business banking, procurement processes, and logistics).
- One or more of the following certifications:
- Offensive Security Experienced Penetration (OSEP) Tester Certification
- Certified Ethical Hacker (CEH)
- Project Management Professional (PMP)
- EMC, NetApp or similar certification