WHO WE ARE: At Fors Marsh, we take on issues that matter. We are a team of researchers, advisors, and communicators working together to shape the systems that shape our lives. We look at human behavior from all angles to design targeted solutions that influence decision-making and move people to action. We are committed to the problem, not just the project, and we are intentional about taking on work and forming partnerships that balance purpose, people, planet, and profit. We are a certified B Corporation, a Just employer, and a 2019-2023 Top Workplace. We hold ourselves accountable to the values that have always defined us. And those values drive us to be the best possible versions of ourselves, for each other, our communities, our clients, and the world.
WHO WE ARE LOOKING FOR: Fors Marsh researchers, advisors and communicators are committed to solving the toughest challenges, to strengthen society and improve lives. We are dedicated to safeguarding sensitive information and ensuring the highest level of cybersecurity for our clients. We are seeking a talented and experienced Cybersecurity Analyst with expertise in security compliance with the Department of Defense and other Federal agencies, NIST Risk Management Framework (RMF) and 800-53 security controls, the Enterprise Performance Life Cycle (EPLC) framework, and the Authorization to Operate (ATO) process. As a Cybersecurity Analyst specializing in compliance for Federal IT systems, you will play a crucial role in our mission to protect sensitive data and maintain the security of our systems. You will work closely with our clients within the Department of Defense and other Federal agencies to ensure their information systems and networks adhere to the stringent security standards and regulations set by NIST (National Institute of Standards and Technology).
Responsibilities include:
• Stay up to date with the latest DoD cybersecurity regulations and directives, including DFARS (Defense Federal Acquisition Regulation Supplement) and NIST Special Publications (800-53 and 800-171).
• Security Controls Documentation: Proficiently document and manage NIST security controls, ensuring all controls are properly implemented, monitored, and documented according to NIST guidelines.
• Lead and manage the Authorization to Operate (ATO) process for our clients' systems, including preparing and submitting ATO packages, coordinating with the DoD stakeholders, and addressing any security issues or concerns.
• Prepare for and guide clients through security audits, assessments, and inspections, ensuring all required documentation and evidence are readily available and accurate.
• Identify, assess, and mitigate security risks in accordance with DoD guidelines, and implement necessary security measures to protect critical assets and data.
• Collaborate with the incident response team to develop and execute incident response plans, ensuring rapid and effective responses to security incidents.
• Conduct training and awareness programs to educate employees and clients on cybersecurity best practices and compliance requirements.
• Stay informed about emerging cybersecurity threats, technologies, and best practices, and recommend improvements to enhance the overall security posture.
• Conduct testing and configuration procedures across products and systems. Analyze security management systems, enterprise systems, and data files to validate security.
• Perform security analysis across networks, databases, and internet/web operations. Evaluate security plans to ensure the integrity of new and/or existing business operations. Translate and design security requirements. Provide management with risk assessment briefings on products and/or services.
Qualifications:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field
Demonstrated experience working with DoD cybersecurity regulations, NIST security controls (800-53 and 800-171), and ATO processes.
3 to 5 years of experience in technology or cybersecurity field.
Strong knowledge of security frameworks and standards, including DFARS, NIST, and FISMA.
Experience with security auditing, risk assessment, and compliance management.
Excellent communication and interpersonal skills to work effectively with clients and team members.
Network Security: Understanding of network protocols, firewalls, VPNs, and intrusion detection/prevention systems.
Operating Systems: Proficiency in various operating systems, especially Windows, Linux, and Unix.
Security Tools: Familiarity with security tools such as Wireshark, Nmap, Snort, and others used for network monitoring and analysis.
SIEM (Security Information and Event Management): Experience with SIEM tools like Splunk, ELK Stack, or others for log analysis and correlation.
Incident Handling: Ability to respond to and mitigate security incidents in a timely and effective manner.
Vulnerability Assessment: Conducting regular vulnerability assessments to identify and remediate security weaknesses.
Understanding of Compliance Standards: Strong familiarity with standards, especially NIST 800-53 and 800-171.
Policy Development: Developing and implementing security policies and procedures.
Must be a U.S. Citizen and consent to a full background check due to our federal contract requirements.
Applicants will be subject to a low-level government security investigation and must meet the eligibility criteria for access to sensitive information.
Preferred Qualifications:
We Offer:
Our benefits typically meet or exceed our competitors' packages. What makes us unique?
• Ability to make an impact on people's lives, both internal and external to the organization.
• Top-tier health, dental, vision, and long- and short-term disability coverage, all covered at 100% for employee coverage.
• Remote work.
• Our company culture, which values balance and allows each employee to take leave as they require it to balance the responsibilities of both their work and home lives without worrying about depleting their available leave hours.
• We provide a floating holiday bank so you can celebrate the days you value.
• Generous matching retirement contributions and no vesting period starting the third month of employment.
• Dedicated training and development budgets to expand your expertise and grow your skillset.
• You can volunteer your way with paid time off.
• You can participate in Fors Marsh staff-led affinity groups.
• Our employees receive product and service discounts through the certified B Corp network.
Salary: $96,000-$101,000
Location: Remote, United States Residents only
EOE: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.