Cyber Security Analyst - MID
Rosslyn, Virginia
Applications have closed
Novetta
Accenture is committed to solutions that improve outcomes, enabling a National Security posture that’s ready, intelligent and empowered. Learn more.Job Description:
Novetta is looking for an information technology analyst for a cybersecurity team which performs vulnerability analysis for a customer with a complex network featuring over 100,000 endpoints. The objectives of the team are to assist the enterprise with vulnerability management and to provide tailored remediation strategies to stakeholders in order to improve the overall cybersecurity posture of the organization. In this role, you will assist a small team in vulnerability identification and prioritization for stakeholders at all levels across the enterprise. This will include analysis of high-profile and high-impact vulnerabilities, zero-day threats, the creation and execution of mitigation strategies, and liaising with various IT stakeholders to coordinate implementation of such strategies.
Further aspects of this role will involve:
- Assisting enterprise efforts on cybersecurity assessments, and coordinating and executing remediation and mitigation strategies;
- Preparing reports and conducting briefings for senior leadership related to both routine and high-profile vulnerability analysis;
- Developing and perform high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, policy compliance, and vulnerability analysis of the overall enterprise security posture;
- Communicating recommendations to the responsible parties, and subsequently engaging in both tracking and verification of their remediation efforts;
- Interfacing with cybersecurity product vendor support teams to keep abreast of developments within products currently in use;
- Documenting team processes for use in internal Standard Operating Procedures (SOPs), and other on-the-shelf documentation of processes for future team reference;
- Building working relationships to effectively complete the mission, while acknowledging and respecting stakeholder needs and requirements;
- Both formulating new and adjusting existing information security metrics for the purpose of analysis and greater enterprise security posture awareness; and consultation and support to other parties concerning Computer Network Defense (CND), often on an ad hoc basis, as necessary for the mission.
Basic Qualifications:
- Bachelor’s Degree or equivalent years of experience in a relevant field (e.g. Cybersecurity, Information Technology, or Computer Science);
- Minimum two (2) years of experience in information security, information technology, or related field;
- Experience with traditional Blue Team or Red Team network security activities, and the performance of cyber risk assessments through correlating known vulnerabilities, understanding the threat environment, and prioritizing to mitigate risk to network assets;
- Effective written and verbal communications skills to prepare and present security assessment results to stakeholders, and to further build relationships with them;
- Demonstrated ability to review publicly-disclosed vulnerabilities, determine their relevance for the Department, asses impact to Department systems, and recommend appropriate remediation actions to relevant stakeholders and leadership;
- Working-level proficiency in Splunk, or other enterprise-level data aggregation tools (the ability to execute basic queries, create reports and dashboards);
- A demonstrated understanding of the Lockheed Martin Cyber Kill Chain, MITRE Attack Framework, and relevant threat actors as part of demonstrating understanding of the cyber threat landscape;
- A demonstrated ability to review vulnerability and security configuration compliance scan results, highlight relevant findings, identify impact, and recommend next steps for remediation;
- Some familiarity and understanding of networking hardware security configurations–specifically with regard patch cycles and security configurations compliance
Desired Qualifications:
- Security+ and/or Network+ certification;
- Some experience or familiarity with NIST Special Publication 800-53, cybersecurity policy development as influenced by NIST documentation, and CVE (Common Vulnerabilities and Exposures) standards;
- Experience with project management to ensure stakeholders remain on schedule with patching and policy compliance to improve overall network security posture
Security:
- Active Secret clearance required
- Top Secret security clearance preferred
Novetta, from complexity to clarity.
Novetta delivers highly scalable advanced analytics and secure technology solutions to address challenges of national and global significance. Focused on mission success, Novetta pioneers disruptive technologies in machine learning, data analytics, full-spectrum cyber, cloud engineering, open source analytics, and multi-INT fusion for Defense, Intelligence Community, and Federal Law Enforcement customers. Novetta is headquartered in McLean, VA with over 1,300 employees across the U.S.
Our culture is shaped by a commitment to our core values:
Integrity • We hold ourselves accountable to the highest standards of integrity and ethics.
Customer Success • We strive daily to exceed expectations and achieve customer mission success.
Employee Focus • We invest in our employees’ professional development and training, respecting individuality, and fostering a culture of diversity and inclusion.
Innovation • We know that discovering new and innovative ways to solve problems is critical to our success and makes us a great company.
Excellence in Execution • We take pride in flawless execution as we build a company that is best in class.
Earn a REFERRAL BONUS for the qualified people you know.
For more details or to submit a referral, visit bit.ly/NovettaReferrals.
Novetta is an equal opportunity/affirmative action employer.
All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
Tags: Analytics Audits Blue team Clearance Clearance Required Cloud Compliance Computer Science Cyber Kill Chain Machine Learning Network security NIST Open Source Red team Security assessment Security Clearance Splunk Top Secret Vulnerabilities Vulnerability management
Perks/benefits: Salary bonus Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs