Scientific Research Corporation - North Charleston, SC

posted about 2 months ago

Full-time - Senior
North Charleston, SC
Professional, Scientific, and Technical Services

About the position

The Cyber Security Analyst will ensure the robust cyber security posture of the AWS IL5 Cloud environment through comprehensive measures, policies, and practices. This role is critical in maintaining the integrity and security of sensitive information and systems within the cloud infrastructure. The analyst will conduct regular risk assessments to identify potential vulnerabilities and threats within the AWS IL5 environment, developing strategies for risk mitigation and implementing necessary controls to address identified risks. A risk register will be maintained to document identified risks and corresponding mitigation actions, ensuring that AWS configurations align with IL5 security requirements, including encryption, access controls, and network segmentation. In addition to risk management, the Cyber Security Analyst will implement and enforce compliance with relevant security standards and regulations, such as NIST SP 800-53 and DoD IL5 requirements. Monitoring AWS configurations for deviations from security baselines is essential, and the analyst will promptly remediate any non-compliant settings. Strong IAM policies will be implemented to enforce least privilege access across AWS resources, with regular reviews of IAM roles and permissions to ensure alignment with this principle. The role also involves enabling multi-factor authentication (MFA) for privileged accounts and sensitive operations, deploying robust monitoring tools to detect unauthorized access attempts, suspicious activities, and security breaches. Establishing incident response procedures is a key responsibility, allowing for prompt responses to security incidents to minimize their impact. The analyst will conduct post-incident reviews to identify lessons learned and improve incident response processes. Encryption mechanisms will be implemented to protect data at rest and in transit within the AWS IL5 environment, with regular reviews of encryption policies and key management practices to ensure effectiveness. Providing regular security training and awareness programs to AWS IL5 users and administrators is also a vital part of this role, educating users about common cyber threats, phishing attacks, and best practices for secure usage of AWS resources. The analyst will encourage a culture of security awareness and proactive risk mitigation among all stakeholders. Periodic security assessments and audits will be conducted to evaluate the effectiveness of cyber security controls, identifying areas for improvement and implementing enhancements to strengthen the security posture of the AWS IL5 Cloud. Staying abreast of emerging cyber threats, vulnerabilities, and industry best practices is essential to adapt security measures accordingly. The position requires travel approximately 3-4 days a quarter, as required.

Responsibilities

  • Conduct regular risk assessments to identify potential vulnerabilities and threats within the AWS IL5 environment.
  • Develop strategies for risk mitigation and implement necessary controls to address identified risks.
  • Maintain a risk register documenting identified risks and corresponding mitigation actions.
  • Ensure AWS configurations align with IL5 security requirements, including encryption, access controls, and network segmentation.
  • Implement and enforce compliance with relevant security standards and regulations, such as NIST SP 800-53 and DoD IL5 requirements.
  • Monitor AWS configurations for deviations from security baselines and promptly remediate any non-compliant settings.
  • Implement strong IAM policies to enforce least privilege access across AWS resources.
  • Regularly review IAM roles and permissions to ensure alignment with the principle of least privilege.
  • Enable multi-factor authentication (MFA) for privileged accounts and sensitive operations.
  • Deploy robust monitoring tools to detect unauthorized access attempts, suspicious activities, and security breaches.
  • Establish incident response procedures to promptly respond to security incidents and minimize their impact.
  • Conduct post-incident reviews to identify lessons learned and improve incident response processes.
  • Implement encryption mechanisms to protect data at rest and in transit within the AWS IL5 environment.
  • Regularly review encryption policies and key management practices to ensure effectiveness.
  • Provide regular security training and awareness programs to AWS IL5 users and administrators.
  • Educate users about common cyber threats, phishing attacks, and best practices for secure usage of AWS resources.
  • Encourage a culture of security awareness and proactive risk mitigation among all stakeholders.
  • Conduct periodic security assessments and audits to evaluate the effectiveness of cyber security controls.
  • Identify areas for improvement and implement enhancements to strengthen the security posture of the AWS IL5 Cloud SCCA.
  • Stay abreast of emerging cyber threats, vulnerabilities, and industry best practices to adapt security measures accordingly.

Requirements

  • Technical training in Cyber Security, Information Technology, Network Architecture, Network Design, and/or Strategic Planning.
  • Fifteen (15) years of hands-on experience with task specific project, to include three (3) of the following areas: Systems Requirements, Operational Requirements, Enterprise Strategic Planning and operations, Enterprise systems incident management, Test & Evaluation, and Training.
  • Recognized expert who has demonstrated industry and public service leadership in one or more of: advanced system architecture; cyber security; hardware technologies; digital/analog communications technologies; applied physics; human factors engineering; computer simulation; electronic sensor technologies; and Enterprise Resource Planning (ERP).
  • Demonstrated experience in at least two of the following areas: Ability to plan and organize work and interact with technical and non-technical personnel translating user requirements into responsive applications.
  • Detailed knowledge of IA concepts and requirements.
  • Comprehensive knowledge of DOD military specifications and standards.
  • System design integration planning for multiple large-scale installations.
  • Application and System Assessments, planning execution and management.
  • System requirements planning and oversight.
  • Technical development product milestone scheduling.

Nice-to-haves

  • RMF experience
  • USMC Cyber experience
  • SAFe (Scaled Agile Framework) experience

Benefits

  • Competitive salary
  • Extensive benefits package
  • Work environment that encourages excellence
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service