Cyber Security Analyst II (Developer)

OSC Global

$75K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • High School Diploma or GED equivalent
  • 2 years of experience conducting vulnerability scans
  • Experience in Cybersecurity analyst roles within DoD or Federal Government
  • Familiarity with developing automation and dashboards for Cybersecurity
  • Experience with structured data handling and APIs
  • Must be DoD 8570 certified or achieve certification in 6 months
  • Active Secret security clearance required

Responsibilities

  • Conduct vulnerability scans based on tickets or Cybersecurity Manager directives
  • Analyze and respond to Cyber events and incidents in information systems
  • Advise on Cyber defense strategies and manage intrusion detection efforts
  • Assess IT assets for DISA STIG compliance and track overdue vulnerabilities
  • Develop and maintain tools for automated vulnerability management and compliance
  • Review security alerts from Microsoft 365 Defender and other platforms
  • Collaborate with teams to remediate security vulnerabilities and improve processes

Benefits

  • DoD 8570 certification support
  • Opportunity to develop custom Cybersecurity tools and automation
  • Collaborative work environment with technical teams
  • Near real-time visibility into Cybersecurity operations
  • Chance to influence Cybersecurity strategy and operational efficiency
Full Job Description
Position Overview

The Cyber Security Analyst II (Developer) supports cybersecurity operations through vulnerability management, security monitoring, compliance assessment, and the development of custom tools, automation, and dashboards. Using platforms such as ACAS, eMASS, HBSS/ESS, Microsoft 365 Defender, and SIEM technologies, this role develops and sustains solutions that support scan operations, threat detection, reporting, quarantine workflows, and risk management. The position also maintains an IT Common Operational Picture (COP) to provide near real-time cybersecurity visibility and collaborates with technical teams and leadership to improve automation, operational efficiency, and security posture.

Major Activities
  • Conduct vulnerability scans of IT assets as requested from tickets or as directed by the Cybersecurity Manager.
  • Apply knowledge of monitoring, analyzing, detecting, and responding to Cyber events and incidents within information systems and networks.
  • Advise on an integrated, dynamic Cyber defense and leverage Cybersecurity solutions to deliver Cybersecurity operational services, including intrusion detection and prevention, situational awareness of network intrusions, security events, data spillage, and incident response actions.
  • Assess IT assets for Cybersecurity compliance in accordance with DISA STIG requirements.
  • Develop POA&Ms to track overdue vulnerabilities, STIG deviations, and approved risk-based remediation actions.
  • Review and investigate security alerts and incidents from Microsoft 365 Defender and other Cybersecurity monitoring platforms.
  • Utilize eMASS to maintain and update POA&M status.
  • Review device compliance status from HBSS/ESS.
  • Work with NEC Operations team members to remediate and mitigate security vulnerabilities.
  • Review the latest Cybersecurity intelligence information and provide recommendations to improve the Cybersecurity posture.
  • Develop, maintain, and enhance locally created Cyber tools and automation supporting ACAS/Tenable scan execution, scan scheduling, vulnerability analysis, reporting, remediation tracking, and automated analysis of scan results.
  • Develop and maintain toolsets that support quarantine recommendations, workflow actions, or system isolation processes based on scan results, approved business rules, and Cybersecurity Manager direction.
  • Develop scripts, queries, dashboards, automated reports, and visualizations that support vulnerability management, compliance visibility, operational decision-making, and key Cybersecurity metrics.
  • Develop and sustain an IT Common Operational Picture (COP) for use by the IT Monitoring team, Cyber team, and leadership, integrating approved Cybersecurity and IT operations data sources.
  • Assist in defining technical requirements, data sources, business rules, workflows, and acceptance criteria for locally developed Cyber tools.
  • Maintain source code, scripts, configuration files, technical documentation, user guides, and standard operating procedures for locally developed tools; troubleshoot, debug, test, and validate Cyber tools and automation workflows to ensure accuracy, reliability, security, and compliance
  • Coordinate with Cyber analysts, system administrators, network administrators, database administrators, and monitoring teams to improve automation, operational visibility, Cybersecurity processes, and workflow optimization.
  • Perform other duties as appropriate and as assigned.


Knowledge/Skills/Abilities
  • Ability to accurately and efficiently analyze log files, firewall logs, IDS logs, endpoint security alerts, and vulnerability scan data to identify possible threats to network security and support incident response actions.
  • Working knowledge of Host Based Security Systems, Endpoint Security Solutions, ACAS vulnerability scanning software, Security Information and Event Management analysis, and Information Assurance Vulnerability Alert management.
  • Ability to develop scripts, tools, dashboards, or automation to support Cybersecurity operations, vulnerability management, reporting, or compliance tracking.
  • Working knowledge in scripting or development languages such as PowerShell, Python, SQL, JavaScript, C#, .NET, or similar technologies.
  • Ability to develop, test, document, and maintain locally created tools in support of Cybersecurity and IT operations.
  • Ability to parse, transform, correlate, and report data from multiple sources, including vulnerability scanners, endpoint security tools, SIEM platforms, ticketing systems, and asset inventories.
  • Knowledge of ACAS/Tenable scan results, vulnerability scoring, plugin data, asset risk, scan coverage, remediation tracking, and reporting requirements.
  • Knowledge of dashboard development, data visualization, and operational reporting concepts.
  • Ability to develop and maintain Common Operational Picture dashboards, Cybersecurity dashboards, Power BI reports, SharePoint dashboards, web-based dashboards, or similar operational visibility tools.
  • Ability to translate Cybersecurity requirements into technical tool requirements, automation workflows, reports, and dashboards.
  • Ability to troubleshoot application issues, script errors, data quality issues, permission issues, and integration problems.
  • Excellent verbal, written, and interpersonal communication skills.
  • Excellent organizational and multi-tasking skills.
  • Strong analytical, critical thinking, and problem-solving abilities.
  • Strong presentation and coordination skills.
  • Adaptable and capable of working in fast-paced operational
  • Proficient in Microsoft Word, Excel, PowerPoint, SharePoint, and Microsoft 365 collaboration tools.
  • General understanding of secure coding practices, access control, least privilege, data protection, and handling of sensitive Cybersecurity data.


Physical Abilities

  • Sufficient fine motor skills for the use of computers, calculators with an ability to withstand repetitive keyboarding for extended periods of time.
  • Ability to work in confined rack spaces.
  • Visual and communications ability are adequate to perform the essential functions of the job.
  • Ability to kneel, bend and twist at the waist on an occasional basis.
  • Ability to reach below shoulder height with regular frequency (desk position) and at or above shoulder height on occasion.
  • Ability to push, pull, carry and lift objects weighing up to 50 pounds on a regular basis, and greater weights on an occasional basis.


Required Qualifications
  • High School Diploma or GED equivalent.
  • Minimum of two (2) years of experience performing vulnerability scans using Tenable SecurityCenter, Tenable.sc, or ACAS.
  • Experience performing Cybersecurity analyst functions in DoD or Federal Government
  • Experience developing scripts, automation, dashboards, reports, or locally created tools used to support Cybersecurity, IT operations, vulnerability management, compliance, or monitoring functions.
  • Experience working with structured data, reports, exports, APIs, databases, or log sources to support Cybersecurity analysis and operational reporting.
  • Must be DoD 8570 certified or be able to obtain certification within six (6) months of contract start.
  • Must be a U.S. citizen.
  • Must possess an active Secret security clearance or higher.
  • Must be able to pass a pre-employment background check.


Preferred Qualifications
  • Bachelor's degree in IT, Cybersecurity, Computer Science, Software Development, Information Systems, or related field; or equivalent relevant experience.
  • ACAS and/or HBSS/ESS Administrator certification obtained within the last three years.
  • Experience developing Cybersecurity tools, automation, dashboards, or reports using technologies such as PowerShell, Python, SQL, Power BI, SharePoint, or similar platforms.
  • Experience integrating and analyzing data from Cybersecurity and IT systems, including ACAS/Tenable, Microsoft 365 Defender, SIEM tools, eMASS, ticketing systems, or asset management platforms.
  • Experience supporting DoD Cybersecurity operations, including RMF, POA&M management, IAVA management, DISA STIG compliance, or vulnerability remediation activities.

Similar Jobs

More Jobs at OSC Global

  • System Analyst II- NOC
    $63K — $117K *
    Richland, WA 99352 (Benton County)
    Information Technology
    In-Person

More Information Technology Jobs

Find similar Cyber Security Analyst II (Developer) jobs: