Cybersecurity Analyst, Senior in Chattanooga, TN at Johnson Service Group

Date Posted: 10/30/2019

Job Snapshot

  • Employee Type:
    Full-Time
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    10/30/2019

Job Description

JobID: 376750

FUNCTIONS AND RESPONSIBILITIES:

- Research, analyze and translate Federal laws, regulations and security industry best practices and determine applicability and impact to organization incorporating into organization governance in easily understood presentation
- Develop and manage policies and procedures at the corporate and organizational level ensuring cyber security reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and data

- Facilitate and manage organization-wide security programs designed to protect the confidentiality, integrity and availability of cyber assets and data

- Ensure the effectiveness of enterprise cybersecurity training program(s) through appropriate planning, implementation, and evaluation.

- Plan and manage organization-wide cybersecurity projects utilizing innovative concepts and approaches where precedents do not exist, ensuring project resources, cost and schedule are appropriately managed

- Conduct and manage systems security evaluations and reviews including development of systems security plans, implementation and maintenance of risk assessments, management of the security authorization of systems, and development and maintenance of security categorizations

- Coordinate, prepare and manage formal responses to cybersecurity inquiries from internal and external authorities such as the Office of Inspector General (OIG) and General Accounting Office (GAO)

- Prepare organization reports for internal and external audiences including audiences at a federal level

- Communicate directly, independently and with appropriate authority with program management on cyber security issues

- Represent enterprise information security and policy group on organization-wide projects and provide support to various committees (which often include officers of the organization) that have been established to resolve key cybersecurity issues and federal regulations or recommended guidance [Federal Information Security Act of 2002 (FISMA), National Institute of Standards (NIST), etc.] 

- Respond to incident investigations, perform triage activities, and utilize structured methodologies to prevent, detect and respond to threats

- Support control and vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls, and recommend remedial action

- Develop security processes, work instructions and incident action plans to ensure that security controls are managed and maintained

- Recommend security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems. 

REQUIRED SKILLS AND EXPERIENCE:
- Minimum of a bachelor’s degree in Computer Science, Cybersecurity, Engineering or a related field; OR, in lieu of a degree, equivalent cybersecurity work experience

- Minimum of 3 years of experience in operational security, governance or information system auditing

- Demonstrated experience with  Information Assurance products including SIEM, IDS/IPS, Full Packet Capture, Netflow, Threat Intelligence, Sandboxes and network TAPs

- Experience with Information Assurance-enabled products such as UNIX/Linux, Windows, Firewalls, Network Access Control, Virtualization, Proxy Servers, F5 Load Balancers, and Web Application Firewalls

- Proven knowledge of attack and detection methodologies

- Demonstrated ability to quickly analyze and solve cybersecurity issues

- Proven experience creating parsers, correlation rules, signatures development, and snort rules

- Successful track record of hunting for anomalies that could be indicative of a compromise

- Proven history of successfully interfacing directly with internal and external customers

- Proven ability to be self-motivated and capable of performing most assignments with limited supervision

- Intermediate understanding of information security concepts and practices

- Broad knowledge of business functions and related security needs

- Demonstrated competencies in analysis, teamwork, customer service, planning/organizing, flexibility, stress tolerance and communication

- Proven ability to manage multiple activities simultaneously

- Proven ability to research, evaluate and make recommendations as to policy applicability

- Demonstrated ability to work harmoniously with peers, customers, executives, and other organizations

- Must demonstrate tact and effective judgment dealing with confidential/sensitive material and possess the necessary interpersonal skills and excellent communication skills to be able to communicate effectively with all levels of management, vendors, and other senior level professionals

DESIRED SKILLS AND EXPERIENCE:
- Relevant, industry-recognized certifications such as CISSP, COMPTIA Security+

#D315