Pro2Serve Professional Project Services - Lexington, KY
posted 2 days ago
About the position
ETAS Inc. has upcoming opportunity for Senior Cyber Security Analyst (Direct Hire) position at our office in Lexington, KY. Please submit resumes via the web page link below. Enterprise Technical Assistance Services, Inc. (ETAS), is a wholly owned subsidiary of Professional Project Services, Inc (Pro2Serve). ETAS was formed and dedicated to support the Department of Energy (DOE) Portsmouth/Paducah Project Office (PPPO) with technical and management services contributing to the safe and cost-effective implementation of the "One PPPO" mission. The parent company, Pro2Serve, is a nationally recognized environmental, technical, and engineering services firm dedicated to providing critical environmental management services to reduce the Nation's environmental liabilities and infrastructure engineering services in support of our Nation's security. We support the energy, defense, and science markets through responsive, cost-effective execution of critical environmental, facilities and infrastructure, and nuclear defense and nonproliferation projects.
Responsibilities
- Support and assist cyber-security operations team continuous monitoring efforts through applied expertise of security monitoring tools such as Splunk or similar SEIM log aggregation utilities, ForcePoint, and Crowdstrike.
- Identify and isolate system threats and conduct investigations for cyber security Incidents of Concern (IoC) and other threat alerting awareness.
- Assist with system and cyber tool troubleshooting as required to ensure smooth operations.
- Document security findings and prepare assessment reports as required.
- Support Risk Management Framework (RMF) documentation including continuous monitoring and annual RMF controls reviews across multiple ATO accredited information system domain boundaries on NIST 800 series compliant systems.
Requirements
- Bachelor's degree in an IT related subject matter area from an accredited college or university and have seven years of experience in an IT related position with at least five of those years being in an operational cyber security specific role (e.g., information system security manager, information system security officer, cyber security specialist) or have ten years of experience in an IT related position with at least seven of those years in an operational cyber security specific role.
- Possess a Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), or similar professional certification.
- Detailed knowledge of National Institute of Standards and Technology (NIST) and Committee on National Security Systems (CNSS) cyber security requirements and guidance, cyber security related risk management techniques.
- Excellent verbal and written communication skills.
- Ability to lead cyber security assessments and manage an assessment team.
- Support documentation and continuous monitoring efforts to maintain RMF ATO compliance.
Nice-to-haves
- Prior experience with RMF control templates, overlays, and narratives greatly preferred.
- Prior hands-on work experience with Splunk and ForcePoint both highly desired.
Benefits
- Major Medical Plan with Prescription Card, Dental Plan, Vision, and Disability Insurance
- Retirement Plan 401(k)
- Employee Stock Ownership Program (ESOP)
- Comprehensive Leave
- Holidays
