Computer & Information Security Analyst 2 - Vets Hired

This position will primarily be responsible for monitoring and analyzing security alerts using our Security Information and Event Management (SIEM) platform, conducting regular vulnerability assessments and configuration compliance scans, managing email security measures, and providing technical support for various cybersecurity tools as needed.

Responsibilities

• Monitor and analyze security alerts using the SIEM system and other specialized monitoring tools.
• Triage and investigate potential cybersecurity incidents, prioritizing threats based on severity and potential impact on the system.
• Conduct a thorough investigation of security violations and incidents, collaborating with other team members and/or escalating to manager as necessary.
• Conduct regular vulnerability assessments and configuration compliance scans across internal and external networks.
• Collaborate with cross-functional IT teams on vulnerability remediation efforts and address configuration baseline deviations, ensuring timely resolution and improved security posture.
• Monitor and analyze email security systems, including user-reported phishing attempts. Perform appropriate investigation and remediation actions as necessary.
• Identify and develop ways to improve the efficiency of security, network, and application log monitoring.
• Provide technical and end-user support for cybersecurity tools as needed.

Qualifications

Bachelors degree in technology-related field and 2-4 years of job-related experience. An equivalent combination of education and experience requiring similar knowledge, skills, abilities, and performing duties as described may be substituted for the minimum requirements.

• Experience conducting vulnerability scanning and assessments using tools like Nessus Professional and Qualys.
• Familiarity with cybersecurity frameworks and standards, such as National Institute of Standards and Technology (NIST) SP 800-53, NIST SP 800-171, and NIST cybersecurity framework is preferred.
• Experience with configuration baselines such as Center for Internet Security (CIS) Benchmarks and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGS) is preferred.
• Fundamental networking knowledge, such as TCP/IP and common protocols (HTTP, HTTPS, FTP, SSH, DNS, etc.).
• Fundamental understanding of firewalls, intrusion detection/prevention systems (IDS/IPS), data loss prevention (DLP), endpoint antivirus, and email security.
• Ability to read and interpret various system and security logs, such as Windows Event Logs, firewall logs, antivirus logs, email security/filtering logs, and IDS/IPS logs is required.
• Basic knowledge of SIEM systems such as LogRhythm, QRadar, Splunk, ELK stack, etc.
• Must have good verbal and written communication skills.
• Must be able to clearly document findings, incidents, and procedures.
• Must be able to pass a National Agency Check with Inquiries (NACI/Tier 1) background check.