Cyber Security Analyst (3128)

SMX is seeking a Cyber Security Analyst. In this role, you will provide support in the areas of computer forensics and cybersecurity assessments including cybersecurity production, integration, and test documentation including requirements definition, installation procedures and diagrams, and test procedures. You will participate with a team of government and contractor personnel with diverse backgrounds and depths of experience. You will use critical and creative thinking to accomplish tasks supporting multiple projects and customers. You will employ penetration testing (PenTesting) and offensive cybersecurity skills. You will have access to some of the best technical training, and more of it than you will ever have time to accomplish. You will have flexible daytime working hours onsite between 6AM to 5PM and rarely put in overtime or off-hours. Finally, you will enjoy the perk of parking right next to the building.

The Cyber Security Analyst will:

• Provide cybersecurity forensics and assessments across the full program life cycle for simple and complex computer equipment and systems projects, programs, and customers
• Apply and integrate principles to investigate, analyze, plan, design, develop, implement, test, or evaluate systems, subsystems, lab tools, and test tools; Interpret, assess, and create designs from technical drawings; Review and prepare technical analyses, reports, briefs change proposals, and other technical documentation
• Assist ISSM with conducting cybersecurity impact assessments on proposed system and application designs, engineering change proposals, and DevSecOPs implementations; maintenance of application and system IT security POA&Ms ensuring POA&Ms are reviewed and updated monthly; Coordinate mitigation activities with application developers; Monitor security controls throughout the system lifecycle; Conduct test and evaluation of constructed components and systems
• Analyze, design, develop, implement, test, or evaluates software, components, or systems related to functional requirements of systems, and associated support systems, or management information systems
• Solve problems, requiring solutions drawing from a broad range of technical disciplines, research and development experience; Work with peers and subordinates to identify risks and opportunities across multiple projects; Prepare, updates, and briefs project plans and status reports
• Identify equipment requirements and create, submit, and track equipment procurement documentation; Conduct site surveys, verify and inspect equipment, and coordinate CONUS/OCONUS equipment deliveries; Identify and coordinate with subcontractors necessary for equipment assembly, installation, and checkout
• Provide support to the Project Manager and sponsor for operational direction and oversight
• Model integrity and initiative

Required Skills and Experience:

• Clearance Required: Must be able to obtain/maintain Top Secret clearance eligibility w/SCI accesses
• Security or equivalent DoD8570/8140 IAT level-II certification to meet the Navy Cybersecurity Workforce requirements
• Four (4) or more years of applicable work experience and a bachelor's degree in computer science/IT-related field or a qualifying substitution
• Bachelor's degree can be substituted with associate degree plus six (6) years of applicable work experience, or no degree plus eight (8) years of applicable work experience
• Experience assessing security of applications/devices
• Experience with Linux and comfortable using it
• Experience with networking equipment (routers, switches)
• Experience implementing the DoD Risk Management Framework
• Experience implementing security of containerized applications
• Experience in maintenance of application and system IT security POA&Ms
• Must be able to effectively handle multiple and shifting priorities and possess excellent time management skills.
• Must possess strong written and verbal communication skills

Desired Skills:

• Experience with or certification in Penetration Testing (PenTesting)
• Examples include CompTIA PenTest , Global Information Assurance Certification (GIAC) Penetration Tester (GPEN), and Offensive Security Certified Professional (OSCP)
• CISSP or equivalent DoD8570/8140 IAT level-III certification
• Preference to computer science/IT-related bachelor's degree for future advancement

#cjpost #LI-KK1