Cybersecurity Service Provider (CSSP) Analyst

Criterion Systems - North Las Vegas, NV

posted 3 months ago

Full-time - Mid Level
Remote - North Las Vegas, NV
Professional, Scientific, and Technical Services

About the position

We are seeking a mission-focused Cybersecurity Service Provider (CSSP) Analyst to support and contribute to our government customer's success in Las Vegas, NV! The CSSP Analyst is responsible for the efficient execution of the CSSP Evaluator Scoring Metrics (ESM). This role involves supporting control functions, including assisting with planning and analysis of cybersecurity activities. The CSSP Analyst will play a crucial role in tracking baselines, reporting on deliverables, and communicating findings effectively to stakeholders. In this position, the analyst will be tasked with identifying and prioritizing cybersecurity activities, creating necessary reports, and performing issue/risk/action item tracking. The role also includes creating and managing daily task lists of action items and follow-up activities, helping to develop CSSP artifacts, and tracking historical data. The CSSP Analyst will review current status and schedules for forecasting future activities, monitor and report on the progress of subscriber reviews, and ensure compliance with ESM requirements by verifying and documenting results for formal acceptance. Additionally, the analyst will be responsible for identifying and proposing solutions for areas of improvement, assisting the CSSP in developing and issuing pertinent communication to subscribers and stakeholders, performing and reviewing vulnerability scans, and tracking vulnerability and compliance trends. This position requires a proactive approach to work, with a strong emphasis on attention to detail and the ability to work both independently and collaboratively with team members, customers, and external vendors.

Responsibilities

  • Tracking of baselines, reporting on deliverables, and communication of findings.
  • Identifying and prioritizing cybersecurity activities.
  • Creating necessary reports.
  • Performing issue/risk/action item tracking.
  • Creating and managing daily task lists of action items and follow-up activities.
  • Helping develop CSSP artifacts and track historical data.
  • Reviewing current status and schedule for forecasting future activities.
  • Monitoring and reporting on progress of subscriber reviews, including timelines and status.
  • Ensuring compliance with ESM requirements, verifying and documenting results for formal acceptance.
  • Identifying and proposing solutions for areas of improvement (continuous process improvement).
  • Assisting the CSSP in developing and issuing pertinent communication to the subscribers and stakeholders.
  • Performing and reviewing vulnerability scans.
  • Tracking vulnerability and compliance trends.

Requirements

  • Bachelor's degree in Computer Science, Business Administration or related degree.
  • Minimum of 6 years related experience.
  • Excellent written, analysis and communications skills - communicate clearly and concisely with diverse audiences and should be comfortable giving and receiving feedback.
  • US Citizenship (no dual citizens).
  • Strong preference for individual with Active Department of Energy (DOE) 'Q' Clearance OR Top Secret Security Clearance OR Secret Clearance; however, those with the ability to obtain a clearance will be considered.
  • Some limited travel required up to 10%.
  • Ability to work full time onsite with the potential to telecommute one to two days.
  • Demonstrated ability to work both independently and collaboratively with CSSP team members, customers and external vendors.
  • Ability to work on tasks with multiple deliverables - assess priorities and operate in a flexible manner in order to meet the dynamic needs of the team.
  • Strong experience with features of MS Project, Excel, Visio, PowerPoint, and Word.
  • Strong customer-service orientation.
  • Compliance with NICE Framework Work Role ID(s) OM-ANA-001 & PR-CDA-001.
  • Strong knowledge of IT technology and Cybersecurity services.
  • Experience in change and risk management.
  • Analytical skills and problem solving skills needed to manage multiple factors on a project simultaneously.
  • Strong team working skills.
  • Attention to and precision with detail.
  • Energetic with a can-do approach to work, who tracks and follows up on tasks independently, who seeks out additional work, and who recommends ways to improve upon current activities.
  • Developing and reviewing documentation such as policies, procedures, baselines, and risk assessments.
  • Understanding of regulatory compliance.
  • Strong understanding of information system logs for troubleshooting configuration issues.

Nice-to-haves

  • Experience with Tenable Products.
  • Experience with RedSeal including configuration, system scoring, and vulnerability evaluation.
  • Strong understanding of DISA STIG's, NIST Guidelines or other system security and hardening guidance (e.g. SCAP).
  • Familiarity with NIST 800-53, CISA ED's, BOD's, and DoD Instructions and Directives.
  • Ability to obtain Derivative Classifier Certification.
  • SEC+, CISSP, CISM, NICE Framework Work Role ID(s) OM-ANA-001 & PR-CDA-001 certifications a plus.
  • Experience with developing and reviewing Splunk Dashboards.
  • Experience with ticketing systems.

Benefits

  • Medical
  • Dental
  • Vision
  • Life Insurance
  • Short-Term Disability
  • Long-Term Disability
  • 401(k) match
  • Tuition/Training Assistance
  • Parental Leave
  • Paid Time Off
  • Holidays

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service