[Hiring] Cyber Security Analyst @Cherokee Federal

Role Description

Criterion is seeking a Cyber Security Analyst to protect computer systems and networks from potential threats and vulnerabilities. The Cyber Security Analyst monitors and analyzes security incidents, conducts risk assessments, implements security measures, performs vulnerability assessments, and supports cybersecurity compliance initiatives. This role plays a critical part in protecting enterprise information systems while supporting mission-critical operations and regulatory requirements.

Qualifications

• Bachelor’s Degree in Computer Science, Information Systems, or a related field.
• Minimum three (3) years of IT experience in a mid-to-large enterprise environment.
• Strong knowledge of information assurance policies and procedures.
• Experience supporting software, system, and enclave authorization and accreditation processes.
• Knowledge of systems architecture, security risk analysis, risk mitigation reporting, and vulnerability assessments.
• Experience supporting cybersecurity regulatory compliance and program management initiatives.
• Security+ Certification required.
• Ability to obtain and maintain a Public Trust.

Requirements

• Review, submit, and track Authority to Operate (ATO) packages.
• Evaluate existing mission systems and cybersecurity posture.
• Create, review, and recommend Standard Operating Procedures (SOPs) and templates in accordance with applicable regulations, policies, and best business practices.
• Review business processes and provide Risk Management Framework (RMF) guidance and documentation support.
• Pull, analyze, and report on Host-Based Security System (HBSS) data.
• Provide RMF recommendations and assist with preparation, delivery, tracking, and monitoring of RMF artifacts and documentation.
• Support security reporting requirements associated with network operations, deployments, DISA STIG compliance, encryption initiatives, and security mandates.
• Respond to questions, taskers, and data calls from government stakeholders and partner organizations.
• Support authorization and accreditation activities for systems, applications, and infrastructure.
• Identify, mitigate, and resolve cybersecurity issues and concerns.
• Conduct vulnerability assessments utilizing ACAS, SCC, and other approved tools.
• Support Information Assurance Vulnerability Alert (IAVA) compliance and reporting requirements.
• Perform remediation, imaging, and threat mitigation activities.
• Support Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), vulnerability scanning solutions, anti-virus platforms, HBSS, firewalls, web filtering solutions, and VPN technologies.
• Implement and manage RMF processes for information systems and networks.
• Ensure Accreditation and Authorization (A&A) documentation remains compliant with applicable regulations and guidance.
• Develop and maintain documentation supporting Authority to Operate (ATO), Authority to Connect (ATC), Certificate of Networthiness (CON), and System Security Plan (SSP) requirements.
• Conduct RMF validation activities and security control assessments.
• Verify implementation of cybersecurity controls and security requirements.
• Implement emerging cybersecurity solutions and best practices.
• Provide cybersecurity guidance and support to system owners and stakeholders.
• Participate in incident response and spillage handling activities.
• Monitor and report IAVM metrics and vulnerability status.
• Support cybersecurity education, awareness, and training initiatives.
• Conduct security assessments including:
• Security policy development
• Security engineering and architecture design
• Operational security management
• Network security testing and evaluation
• Computer security incident response
• Vulnerability analysis
• Malicious code analysis
• Security risk assessment
• Security certification and accreditation
• Assess and Authorize (A&A)
• Risk analysis
• Trending analysis
• Event and Incident analysis
• Document current security posture, identify vulnerabilities, and provide mitigation recommendations.
• Perform other job-related duties as assigned.

Benefits

• Estimated Starting Salary Range for Cyber Security Analyst: $150,000 - $155,000
• Pay commensurate with experience.
• Full-time benefits include Medical, Dental, Vision, 401(k), and other possible benefits as provided.
• Benefits are subject to change with or without notice.

Company Description

Criterion provides support, services, and solutions to federal government customers. The company takes a personalized approach to solving clients’ toughest challenges while helping professionals maximize their expertise and career growth. Criterion is part of Cherokee Federal — a team of tribally owned federal contracting companies supporting mission-critical programs across the federal sector.