Cybersecurity Analyst
Woburn, Massachusetts, United States
Applications have closed
STR is hiring a Cybersecurity Analyst to aid the Enterprise Cybersecurity Team by providing day-to-day cybersecurity operations support, systems maintenance, problem resolution, and project support.
The Cybersecurity Analyst will be responsible for reviewing and analyzing cybersecurity events, providing recommendations, performing remediation, and escalating, as appropriate. The Analyst will correlate threat information from various sources, including security incidents raised by the user community such as phishing attempts, malware outbreaks, unauthorized access attempts, as well as security alerting sources. This role will require researching and assessing new threats and security alerts with recommendations for remedial actions to follow. In addition, the Analyst will proactively scan systems and networks to ensure that vulnerabilities are identified and mitigated, including the configuration of scan sites, scheduling of scans, production of reports, and interpretation and communication of results.
The Cybersecurity Analyst supports the development, implementation, and management of security policies/procedures to ensure they remain aligned with business objectives and meet regulatory requirements. The Cyber Analyst should maintain current knowledge of DoD security and technical guidelines, as well as the organization’s policies.
Additional duties include assessing security and compliance of new and existing infrastructure, gathering evidence in support of audits, and creating and maintaining Standard Operating Procedures (SOPs) for installation and configuration. After-hours support could be required for incident handling, maintenance, and patching, as needed.
Requirements
- US Citizen with the ability to obtain a Security Clearance
- BS/BA degree in Computer Information Systems/Management Information Systems or related discipline or equivalent
- 5 - 7 years related work experience in information security
- Knowledgeable with NIST 800-171 and NIST 800-53
- Understanding of the Cybersecurity Maturity Model Certification (CMMC)
- DoD 8570 Certs - CISA, CISM, CRISC, CISSP, or similar security certification.
Desired Qualifications
- Experience in maintaining Splunk, analyzing events and providing recommended actions
- Experience in deploying Tenable/Nessus and reviewing output for actionable items
- Experience in Systems/Network Administration
- Experience in threat management and assessment as it relates to physical security
- Experience with corporate security risk assessment, analysis, and mitigating controls.
- Strong technical background with a variety of information security systems and tools including firewalls, intrusion detection systems, intrusion prevention systems, vulnerability management, cloud access security broker, anti-virus/malware, and data loss prevention.
- Experience designing and implementing controls within corporate networks to include computer and network security and operating systems such as UNIX, Linux, macOS, and Windows, as well as LAN/WAN internetworking protocols such as TCP/IP and network perimeter protection.
- Excellent analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable in conducting independent research of issues and inquiries to provide guidance when requested.
- Experience working with Azure AD, Active Directory including Group Policy
- Experience with Mobile Device Management tools, for instance Microsoft Intune and Jamf
- Experience with endpoint security solutions, including file integrity monitoring, whitelisting, and data loss prevention
- Effective utilization of Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Content and Tools.
- Familiarity with one or more of: Microsoft 365, Microsoft Azure, AWS
Systems & Technology Research (STR) is a rapidly growing technology company with locations north of Boston, MA, Arlington, VA and near Dayton, OH. We specialize in advanced research and development for defense, intelligence, and national security, trying to understand how to protect our society: from stopping malicious botnet attacks, to understanding cyber vulnerabilities, providing next generation sensors, radar, sonar, communications, and electronic warfare to developing artificial intelligence algorithms and analytics to make sense of the complexity that is exploding around us.
STR is committed to creating a collaborative learning environment that supports deep technical understanding and recognizes the contributions and achievements of all team members. Our work is challenging, but you go home at night knowing that you pushed the forefront of technology and made the world a little safer. We recognize that the world is changing, that it is becoming more connected than ever before, making things change faster than before, and reshaping society in the process. We all want to understand this changing world and leave it better for our work.
We're not just any company. Our people, culture, and attitude along with their unique set of skills, experiences, and perspectives put us on a trajectory to change the world. We can't do it alone, though - we need fellow trailblazers. If you are one, join our team and help to keep our society safe!
STR is an equal opportunity employer. We are fully dedicated to hiring the most qualified candidate regardless of race, color, religion, sex (including gender identity, sexual orientation and pregnancy), marital status, national origin, age, veteran status, disability, genetic information or any other characteristic protected by federal, state or local laws.
If you need a reasonable accommodation for any portion of the employment process, email us at appassist@stresearch.com and provide your name, phone number and email address.
Pursuant to applicable federal law and regulations, positions at STR require employees to obtain national security clearances and satisfy the requirements for compliance with export control and other applicable laws.
Tags: Active Directory Analytics Artificial Intelligence Audits Automation AWS Azure CISA CISM CISSP Clearance Cloud CMMC Compliance CRISC DoD DoDD 8570 Endpoint security Firewalls Intrusion detection Intrusion prevention Linux Malware Monitoring Nessus Network security NIST Risk assessment SCAP Security Clearance Splunk TCP/IP UNIX Vulnerabilities Vulnerability management Windows
Perks/benefits: Team events