Cybersecurity Analyst
Gray Tier Technologies is seeking an experienced Cybersecurity Analyst on The Enterprise and Cyber Solutions (E&CS) Operation. The team is seeking a Cybersecurity Analyst to support the implementation and administration of information security policies, procedures, and technologies to ensure the protection of systems, applications, and data in support of the Compartmented Enterprise Services Office (CESO) program.
With the CESO program, the Defense Information System Agency (DISA) is looking to transform the existing Secure Web Services (SWS) environment, which provides secure information sharing to the community, into a more mature service offering to meet the DoD and intelligence communities. As part of this task order, the team will manage the commercial cloud migration and disestablishment of legacy systems, fully automate the continuous development & continuous integration environment, fourth estate consolidation, professionalize services – ITIL/DevSecOps based processes, improve the customer experience 1st call resolution, and achieve development of a service catalog for Defense Working Capital Fund (DWCF) Model.
This position is in either Alexandria, VA, or Arlington, VA with occasional/situational travel.
Primary Responsibilities
- Provide analysis of architectures, technologies, policies, information and analytic data
- Develop cybersecurity and risk assessment methodologies and procedures to support prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies.
- Perform cyber situational awareness activities and provide analysis and recommendations.
- Prepare and perform briefings appropriate for senior leadership.
- Conduct micro and macro analysis of enterprise cybersecurity defensive strategies in order to enable operational effectives, defense, and command and control.
- Analyze policy, program management office managed systems, hardware, and software, cloud, network infrastructure in order to recommend methods and strategies that reduce and/or managed impacts.
- Support and collaborate with CESO and/or its designated third-parties in information assurance/security services (e.g., intrusion prevention and detection, antivirus protection) in accordance with CESO's security requirements as set out in CESO policies, standards and operations procedures manuals, and leading security practices.
- Continuously improve monitoring capabilities and automation.
- Support, deliver, and sustain image customization and secured builds utilizing STIGS and other templates to ensure all applications, servers, and services are configured in accordance with the risk management framework and the JSIG Rev 4 and beyond.
- Ensure all system and services are properly STIGed and JSIG Rev 4 compliant prior to deployment into the production environment.
- Ensure all system logs, application logs, and event logs are sent to the security operations team and the insider threat team in real time.
- Provide network forensics monitoring service integration: The contractor's network forensics service must integrate with the contractor's monitoring solution in order to allow alarms to be created.
Basic Qualifications
- BS degree and 8-12 years of prior relevant experience or Masters with 6-10 years of prior relevant experience.
- Candidate must possess an active DOD TS/SCI level security clearance and ability to obtain and maintain a w/CI Poly
- Maintain expert knowledge of endpoint and networking security controls; provide updates to security control guidance.
- Familiarity with all related aspects of cybersecurity operations and security architecture & engineering.
- In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies (TTPs).
- IAT Level II Baseline Certification (e.g. CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
- Ability to translate highly technical matter to non-technical audience
- Excellent communication skills
- In-depth experience with security domains and industry best practices; business continuity and disaster recovery, emerging technology
Preferred Qualifications
Prior experience with one or more of the following tools:
- WSUS
- Spacewalk
- Splunk
- Solarwinds
- ACAS
Prior experienced with DISA and DISA's support to mission partners
- TS/SCI w/CI Poly Preferred
- Proficient in cloud hosted networks
- Master's degree in IT, Cybersecurity, or related field