The cybersecurity analyst will provide day-to-day cybersecurity operations support.
Responsibilities:
- Interfaces and communicates with internal/external stakeholders regularly to identify and review software for use in a CMMC Level 2 environment and eventually CMMC level 3 environment
- Provides consulting relative to cybersecurity strategy, metrics, and compliance
- Supports the development of CMMC cybersecurity assessment related instruction
- Gather evidence in support of audits
- Provides subject matter expertise on matters including governance and oversight, standards and processes, tools and technology
- Support the development, implementation, and management of security policies/procedures to ensure they remain aligned with business objectives/meet regulatory requirements
- Correlate threat information from various sources, including security incidents raised by the user community such as phishing attempts, malware outbreaks, unauthorized access attempts, as well as security alerting sources
- Maintain current knowledge of DoD security and technical guidelines and the organization's policies
- After-hours support is required for incident handling, maintenance and patching when needed
- Collaborate with cross-functional teams to drive security improvements and ensure project objectives are met within scope, time, and budget constraints
Requirements:
- Experience in Microsoft Defender and Sentinel, analyzing events and recommended actions
- Experience with Corelight Investigator is highly preferred
- Technical background with a variety of information security systems and tools including firewalls, intrusion detection systems, intrusion prevention systems, vulnerability management, intrusion detection and prevention, cloud access security broker, anti-virus/malware, data loss prevention
- Experience or knowledge designing and implementing controls within corporate networks to include computer and network security and operating systems such as UNIX, Linux, MAC, and WINDOWS, as well as LAN/WAN internetworking protocols such as TCP/IP and network perimeter protection
- Strong analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable conducting independent research into issues and inquiries to provide guidance when requested
Qualifications : - Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)
- 2+ years of experience in cybersecurity, with a focus on architecture, strategy, or special projects
- Understanding of security frameworks (e.g., NIST, ISO 27001) and risk management methodologies
- Hands-on experience with security tools, vulnerability management, and incident response processes
- Experience with security architecture design, including cloud security platforms (AWS/Azure)
- Excellent written and verbal communication skills with the ability to present complex information to both technical and non-technical stakeholders
- Preferred Certifications: CISSP, CISM, OSCP, or equivalent industry-recognized certifications; GIAC certifications (GCIH, GCFA, GCIA) and cloud security credentials (CCSP, AWS Security Specialty) a plus
Pay InformationFull-Time Salary Range: $104,000 to $120,000
The salary range listed is based on external market data. Offers are based on factors, such as but not limited to, the candidate's experience, education, training, key skills/critical skills, security clearances, and prevailing market and business conditions.
STR is a growing technology company with locations near Boston, MA, Arlington, VA, near Dayton, OH, Melbourne, FL, and Carlsbad, CA. We specialize in advanced research and development for defense, intelligence, and national security in: cyber; next generation sensors, radar, sonar, communications, and electronic warfare; and artificial intelligence algorithms and analytics to make sense of the complexity that is exploding around us.
STR is committed to creating a collaborative learning environment that supports deep technical understanding and recognizes the contributions and achievements of all team members. Our work is challenging, and we go home at night knowing that we pushed the envelope of technology and made the world safer.
STR is not just any company. Our people, culture, and attitude along with their unique set of skills, experiences, and perspectives put us on a trajectory to change the world. We can't do it alone, though - we need fellow trailblazers. If you are one, join our team and help to keep our society safe! Visit us at www.str.us for more info.
