POSITION DEFINITION:
The Cybersecurity Analyst has the responsibility for providing 24x7 support while ensuring the confidentiality, integrity and availability of the company information systems. The incumbent works as part of a “hands-on” onsite Cybersecurity Team who will be responsible for providing support to detect, respond to, mitigate, and report cyber threats and attacks to appropriate personnel. Develops and administers processes and procedures that are compliant with the National Institute of Standards and Technology (NIST) Cybersecurity Framework and other regulatory requirements. Monitors and maintains security infrastructure. Performs administration, monitoring, and maintenance of assigned information and cyber security program components to ensure safeguarding of data. Researches scenarios and composes messaging for the Employee Security Awareness program. Actively participates in administering and monitoring the Vulnerability Management Program, analyzing vulnerability issues in a timely and accurate fashion. Provides technical assistance, direction, and guidance necessary for information security initiatives. The Cybersecurity Analyst will also be responsible for providing excellent customer service, leading security-related projects, and demonstrating great teamwork.
Due to the work involved on our affiliate’s assets, U.S. Citizenship is required pursuant to their contract with the federal government.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
• Proactively monitors the environment to detect and implement steps to mitigate cyber-attacks before they occur, including:
o Monitors security-related resources for new and emerging cyber threats
o Independently reviews, investigates, and responds to real-time alerts within the environment
o Independently reviews real-time and historical reports for security and/or compliance violations
o Communicates with senior cybersecurity personnel and IT management relating to critical incidents and strategic security requirements
• Reviews system audit logs and the logs of other cybersecurity solutions
• Develops and executes Security Awareness activities (including recommended training) to keep employees and external customers abreast of developments and requirements of the Information and Cyber Security Program
• Works with Security Operations Center (SOC) analysts and management to triage and respond to security alerts. Coordinates assessment, containment and eradication with the Incident Response Team. Coordinates tuning of preventative and detective security controls to increase fidelity and reduce false positives
• Manages threat lists (e.g. whitelists, blacklists, etc.)
• Ensures vulnerabilities are remediated according to established plans, including:
o Independently running internal vulnerability/penetration testing tools as instructed
o Independently researches and recommends security patches (includes firmware, operating systems, and software) for cybersecurity solutions
o Independently evaluates the security impact of software changes
o Helps monitor vulnerability and threat services to understand current risk, recommend response and mitigation/countermeasure strategies
• Works with business units and end users to create new and enhance existing Data Loss Prevention (DLP) rules to expand the protection of Company data
• Conducts independent research into and provides informed opinions on the selection of 3rd party vendors and the process of tabletop cybersecurity exercises for all business units
• Composes or reviews cybersecurity incident response plans and runbooks and creates or verifies automation methods for plan and runbook implementation
• Recommends updates to IT security policies and procedures
• Other related duties as required
REQUIRED EDUCATION AND EXPERIENCE:
• High School Diploma or equivalent
• Minimum of three years’ experience in information technology, information technology security or cyber security related fields is required
• At least one year of cyber security incident collection, analysis, and reporting process procedures desired
• Hands-on experience in supporting and maintaining information technology and cyber security tools and technologies (endpoint protection, vulnerability and patch management, desktop management, mobile security, and alerting and monitoring utilities) desired
• Security+ and/or Network+ certification desired
TECHNICAL KNOWLEDGE, SKILLS AND COMPETENCIES:
• Fundamental understanding of computer networking (TCP/IP)
• Hands-on experience in supporting Microsoft Windows and Linux Operating Systems (OS) and platforms
• Knowledge of cyber threats and vulnerabilities
• Knowledge of adversarial tactics, techniques, and procedures
• Scripting experience (PowerShell or Python) is a plus
• Ability to analyze complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner
• Ability to produce high-quality work in a timely fashion in a fast-paced environment
• Ability to work on multiple projects and tasks while remaining detail oriented
• Excellent analytical and problem-solving skills as well as interpersonal skills to interact with team members and upper management
• Ability to work independently often and exercise sound judgment and decision making
• Strong attention to detail, well-organized, and able to manage time efficiently
• Team player with ability to deal effectively with individuals at all levels
• Clear and concise communication skills – verbal and written