Cyber Security Analyst

Scientific Research Corporation - North Charleston, SC

posted 4 months ago

Full-time - Senior
North Charleston, SC
Professional, Scientific, and Technical Services

About the position

The Cyber Security Analyst will ensure the robust cyber security posture of the AWS IL5 Cloud environment through comprehensive measures, policies, and practices. This role involves conducting regular risk assessments to identify potential vulnerabilities and threats within the AWS IL5 environment. The analyst will develop strategies for risk mitigation and implement necessary controls to address identified risks, maintaining a risk register that documents identified risks and corresponding mitigation actions. Ensuring AWS configurations align with IL5 security requirements, including encryption, access controls, and network segmentation, is a critical responsibility. The Cyber Security Analyst will implement and enforce compliance with relevant security standards and regulations, such as NIST SP 800-53 and DoD IL5 requirements. Monitoring AWS configurations for deviations from security baselines and promptly remediating any non-compliant settings is essential. The role also includes implementing strong IAM policies to enforce least privilege access across AWS resources, regularly reviewing IAM roles and permissions, and enabling multi-factor authentication (MFA) for privileged accounts and sensitive operations. Additionally, the analyst will deploy robust monitoring tools to detect unauthorized access attempts, suspicious activities, and security breaches. Establishing incident response procedures to promptly respond to security incidents and minimize their impact is crucial, along with conducting post-incident reviews to identify lessons learned and improve incident response processes. The analyst will also implement encryption mechanisms to protect data at rest and in transit within the AWS IL5 environment, regularly reviewing encryption policies and key management practices to ensure effectiveness. Providing regular security training and awareness programs to AWS IL5 users and administrators is part of the role, educating users about common cyber threats, phishing attacks, and best practices for secure usage of AWS resources. Encouraging a culture of security awareness and proactive risk mitigation among all stakeholders is vital. The analyst will conduct periodic security assessments and audits to evaluate the effectiveness of cyber security controls, identifying areas for improvement and implementing enhancements to strengthen the security posture of the AWS IL5 Cloud SCCA. Staying abreast of emerging cyber threats, vulnerabilities, and industry best practices to adapt security measures accordingly is also a key responsibility. The position requires travel approximately 3-4 days a quarter, as needed.

Responsibilities

  • Conduct regular risk assessments to identify potential vulnerabilities and threats within the AWS IL5 environment.
  • Develop strategies for risk mitigation and implement necessary controls to address identified risks.
  • Maintain a risk register documenting identified risks and corresponding mitigation actions.
  • Ensure AWS configurations align with IL5 security requirements, including encryption, access controls, and network segmentation.
  • Implement and enforce compliance with relevant security standards and regulations, such as NIST SP 800-53 and DoD IL5 requirements.
  • Monitor AWS configurations for deviations from security baselines and promptly remediate any non-compliant settings.
  • Implement strong IAM policies to enforce least privilege access across AWS resources.
  • Regularly review IAM roles and permissions to ensure alignment with the principle of least privilege.
  • Enable multi-factor authentication (MFA) for privileged accounts and sensitive operations.
  • Deploy robust monitoring tools to detect unauthorized access attempts, suspicious activities, and security breaches.
  • Establish incident response procedures to promptly respond to security incidents and minimize their impact.
  • Conduct post-incident reviews to identify lessons learned and improve incident response processes.
  • Implement encryption mechanisms to protect data at rest and in transit within the AWS IL5 environment.
  • Regularly review encryption policies and key management practices to ensure effectiveness.
  • Provide regular security training and awareness programs to AWS IL5 users and administrators.
  • Educate users about common cyber threats, phishing attacks, and best practices for secure usage of AWS resources.
  • Encourage a culture of security awareness and proactive risk mitigation among all stakeholders.
  • Conduct periodic security assessments and audits to evaluate the effectiveness of cyber security controls.
  • Identify areas for improvement and implement enhancements to strengthen the security posture of the AWS IL5 Cloud SCCA.
  • Stay abreast of emerging cyber threats, vulnerabilities, and industry best practices to adapt security measures accordingly.

Requirements

  • Technical training in Cyber Security, Information Technology, Network Architecture, Network Design, and/or Strategic Planning.
  • Fifteen (15) years of hands-on experience with task specific project, including three (3) of the following areas: Systems Requirements, Operational Requirements, Enterprise Strategic Planning and operations, Enterprise systems incident management, Test & Evaluation, and Training.
  • Recognized expert who has demonstrated industry and public service leadership in one or more of: advanced system architecture; cyber security; hardware technologies; digital/analog communications technologies; applied physics; human factors engineering; computer simulation; electronic sensor technologies; and Enterprise Resource Planning (ERP).
  • Demonstrated experience in at least two of the following areas: Ability to plan and organize work and interact with technical and non-technical personnel translating user requirements into responsive applications; Detailed knowledge of IA concepts and requirements; Comprehensive knowledge of DOD military specifications and standards; System design integration planning for multiple large-scale installations; Application and System Assessments, planning execution and management; System requirements planning and oversight; Technical development product milestone scheduling.

Nice-to-haves

  • RMF experience
  • USMC Cyber experience
  • SAFe (Scaled Agile Framework) experience

Benefits

  • Competitive salary
  • Extensive benefits package
  • Work environment that encourages excellence

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service