Join our team as a Cybersecurity Analyst, where you'll play a critical role in assessing and analyzing cybersecurity documentation for client information systems.
You'll apply your scripting skills to develop and improve automations that streamline our assessment processes.
Your work will align with FISMA, NIST RMF for Federal Civilian Agencies, RMF for DoD IT, FedRAMP, and departmental standards, with a primary focus on FedRAMP.
Engage directly with clients through verbal communication to perform interviews for assessments, understand their needs, and provide effective solutions.
Conduct comprehensive assessments by analyzing cybersecurity documentation and performing evidence collection, interviews, and tests to evaluate compliance with relevant standards such as FISMA, NIST RMF, and FedRAMP.
Creating scripts and/or utilizing scripts to automate repetitive tasks and improve the efficiency of security assessments, reporting, and evidence collection.
Conduct system and network vulnerability scanning and analysis using tools such as Nessus/ACAS, SCC, and DISA STIGs/STIG Viewer.
Prepare clear and accurate reports and documentation, with an emphasis on creating scripts to automate analysis and report generation.
Work independently or as part of a client delivery team in a fast-paced, deadline-driven, remote environment.
Travel up to 25% for client engagements as required.

Requirements

High School diploma, Bachelor's Degree in Computer Science, Engineering, Information Systems, or Technology required.
Must be a U.S. citizen with the ability to obtain a necessary security clearance as required by our government customers.
Legal authorization to work in the U.S. indefinitely is required.
Strong verbal communication skills with the ability to articulate ideas clearly and confidently in face-to-face and phone interactions with clients.
Basic knowledge of Cloud Computing, FedRAMP, FISMA, NIST/DoD RMF, and NIST SP 800-series publications.
Demonstrable scripting skills in at least one language (e.g., Python, PowerShell, Bash) for task automation.
Beginner knowledge of testing tools such as Nessus/ACAS, SCC, DISA STIGs/STIG Viewer.
1+ years of experience in performing or participating in FISMA-based security Assessment and Authorization (A&A) activities.
Experience in creating and maintaining scripts for cybersecurity tools and processes, such as vulnerability scanning or compliance checks.
Proficiency in performing technical assessments using standard industry tools such as Nessus, DB Protect, Acunetix, and ACAS (for DoD).
Strong organizational, planning, and attention to detail skills.
Self-motivated with a strong technical aptitude.
Must obtain a FedRAMP required (A2LA R311) industry certification within 3 months.
The candidate must have at least one industry certification from the following list: Cisco Certified Network Associate Security (CCNA Security), Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops), Cybersecurity Analyst (CySA+), GIAC Certified Incident Handler (GCIH), GIAC Systems and Network Auditor (GSNA), GIAC Certified Intrusion Analyst (GCIA), Certified Information Systems Auditor (CISA), Certified Information System Security Professional or Associate (CISSP or Associate), Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Systems Security Officer (CISSO), CyberSec First Responder (CFR), CompTIA Advanced Security Practitioner Continuing Education (CASP+), Continuing Education (CE), CompTIA Cloud+ (Cloud+), Global Industrial Cyber Security Professional (GICSP), Securing Cisco® Networks with Threat Detection Analysis (SCYBER).

Benefits

Incentive Bonus Plans
Medical, Dental, Vision benefits
401K with Company Match
10 Paid Holidays
Generous Paid Time Off Packages
Employee Stock Purchase Plan
Paid Parental & Family Leave

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

scriptingPythonPowerShellBashvulnerability scanningcompliance checkstechnical assessmentsautomationevidence collectionreport generation

Soft Skills

verbal communicationorganizational skillsplanningattention to detailself-motivatedclient engagementarticulation of ideas

Certifications

FedRAMP required (A2LA R311)Cisco Certified Network Associate Security (CCNA Security)Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)Cybersecurity Analyst (CySA+)GIAC Certified Incident Handler (GCIH)GIAC Systems and Network Auditor (GSNA)GIAC Certified Intrusion Analyst (GCIA)Certified Information Systems Auditor (CISA)Certified Information System Security Professional or Associate (CISSP or Associate)Certified Secure Software Lifecycle Professional (CSSLP)