Cybersecurity Analyst

Job Description:

As a Cybersecurity Analyst at SASSI, who will join our United States Government client remotely. The Cybersecurity Analyst works closely with stakeholders and other members of the technical team to gather technical requirements and execute on deliverables. The Cybersecurity Analyst works with an integrated project team comprised of multiple technical disciplines.


Primary Responsibilities:

In this role, you will:

  • RMF Support

  • The Cybersecurity Analyst will provide support by creating and maintaining artifacts required to demonstrate compliance.

  • This position will interact daily with the Senior Analyst and government POCs.

  • Provide technical expertise determining information assurance and cyber security standards.

  • Develops and implements information assurance/security standards and procedures.

  • Recommends information assurance/security solutions to support customers’ requirements. Identifies, reports and resolves cyber security violations.

  • Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.

  • Designs, develops, engineers, and implements solutions that meet security requirements.

  • Provides integration and implementation of the computer system security solution.

  • Analyzes general information assurance and cybersecurity-related technical problems and provides basic engineering and technical support in solving these problems.

  • Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.

Basic Qualifications

  • US Citizen

  • Must hold a minimum Secret clearance

  • 8 years of information security experience

  • 5 years specialized experience in one of the following areas: system security analysis and implementation; system engineering; electrical design, design assurance or testing for information security products and systems; software engineering; program design and implementation; configuration management; or maintenance, integration or testing for information security products and systems.

  • Experience navigating complex organizations, developing and delivering vision through various communication strategies and presentations to senior-level executives and technical audience

  • Good understanding of security governance, compliance, and risk management principles.

  • Possesses and demonstrates a strong understanding of controls assessment techniques.

  • Familiarity with common standards, frameworks, and regulations such as:

  • NIST, ISO, COBIT, SIG, CCM, SOC-2, FAIR, HITRUST, PCI, GDPR.

  • Able to function independently and perform routine tasks such as:

  • Facilitate meetings, organize conference calls, deliver presentations, and so forth

  • Strong analytic and problem-solving skills.

  • Strong oral & written communications to include report development and delivery.

Desired Toolsets (does not have to be all of them):

  • RedSeal

  • Tenable

  • ServiceNow

  • Microsoft TEAMs

  • Technology Harding Tools (e.g., DISA STIGs, CIS Benchmarks, Vendor Guidelines)

  • Governance Risk & Compliance (GRC) Tools (e.g., eMASS, RSA Archer, Xacta)

  • Splunk

  • Penetration Testing Tools (e.g., Nmap, Wireshark, Nessus, Metasploit, Aircrack, NetSparker, RedSeal, Burp Suite)

  • Phishing simulations

  • Cortex XDR endpoint detection and response tool

Desired Skillsets:

  • Report Writing (Technical & Non-Technical)

  • Technical Writing Techniques

  • Drafting government policies and procedures

  • Drafting government RMF SSP and A&A packages

  • Ability to perform qualitative and quantitave risk analysis

  • Zero Trust Architecture (ZTA) Design

  • Cyber Resilience Assessment Methodology

Preferred Qualifications

  • IAM III Certification Level

  • CISSP certification

  • Bachelor's degree in Computer Science, Information Systems, or other related discipline.

Full Time / Part Time

Full time


Regular / Temporary

Regular


Job Exempt (Yes / No)

Yes