Cyber Security Analyst
Job Description:Cyber Security Analyst
Technical Skills:SkillYears/Level of ExperienceAmazon Web Services (AWS) SecurityP2 - IntermediateApplication SecurityP2 - IntermediateApplication Security AssessmentsP2 - IntermediateCloud Security Risk ManagementP2 - IntermediateCyber Security GovernanceP2 - Intermediate
P1 – Beginner (0-2yrs experience)
P2 – Intermediate (3-5yrs experience)
P3 – Advanced (7-10yrs experience
P4 – Expert (10+yrs experience)
Duties & Responsibilities:
-Support Certification and Accreditation efforts.
Review audit closure requests & status reports for security control accuracy and completeness.
-Develop security recommendations following NIST 800-53 rev.5 guidance & security best practices.
-Formulate, create, and track security Plans of Action and Milestones (POA&Ms).
Review & update security artifacts and process/procedure documents.
-Collaborate w/ISSOs of other FISMA systems to ensure continued compliance w/security control inheritance conditions.
-Develop & maintain Splunk reports, dashboards, & alerts.
Experience & Skills:
-Demonstrated experience w/implementation of NIST Risk Management Framework.
-Broad understanding of security protections typical in enterprise environments, including security hardening, firewalls, and boundary/endpoint best practices.
-Basic understanding of server, workstation, network, and database architecture & cloud service providers such as AWS
Accenture Federal Services is looking for a Cybersecurity Analyst with a technical background to join our team supporting an important a Department of Justice agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for IT Security Risk and Compliance by providing direct support to the Information System Security Officer (ISSO). The Senior Cybersecurity Analyst will support the IT Security management with technical review, technical solution proposal, and planning in the areas of security controls, risk assessment, issue analysis, and response development and execution. Specifically, this job requires the following:
Duties and Responsibilities:
•Perform root cause analysis of audit findings.
•Develop requirements for security control remediation activities.
•Review audit closure requests and status reports for security control accuracy and completeness.
•Develop plans to address gaps in the General Support System’s security posture.
•Develop security recommendations following NIST 800-53 rev.5 guidance and secrity best practices.
•Support the development of security solutions.
•Formulate, create, and track security Plans of Action and Milestones (POA&Ms).
•Coordinate with platform teams to maintain currency of the system’s technical description and control implementation statements.
•Perform a security impact analysis for each proposed change to the system’s configuration.
•Review and update security artifacts and process/procedure documents.
•Interpret security principles and requirements for technical teams.
•Collaborate with ISSOs of other FISMA systems to ensure continued compliance with security control inheritance conditions.
•Obtain and maintain Authority to Operate (ATO) for multiple systems.
•Monitor remediation of system vulnerabilities discovered by scanning tools.
•Develop and maintain Splunk reports, dashboards, and alerts.
Experience & Skills:
•At least two (2) years working as or supporting, an ISSO or ISSM.
•Experience with information security engineering practices and NIST security controls.
•Demonstrated experience with implementation of NIST Risk Management Framework.
•Broad understanding of security protections typical in enterprise environments, including security hardening, firewalls, and boundary/endpoint best practices.
•Basic understanding of server, workstation, network, and database architecture.
•Familiarity with cloud service providers such as AWS and best practices.
•Familiarity with Splunk, Symantec Endpoint Protection, Tenable Security Center, IBM BigFix and IDS/IPS tools, and Sonarqube.
•Knowledge of security policy/manuals, and other guiding policy documents.
•Strong interpersonal, presentation, and communication skills (verbal and written).
•Fluent with Microsoft Office products (Word, PowerPoint, Excel, Project, Visio).
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844-463-6178.
Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.