As the SENIOR CYBER SECURITY ANALYST, you will be responsible for maintaining the integrity and security of enterprise-wide systems, network, and applications. You will support cyber security initiatives through predictive and reactive analysis, articulating emerging trends to leadership and staff. As an active player during enterprise incident response efforts, you will drive incidents to timely and complete resolution. You will review threat data from various sources and develop detection and response capabilities. You understand attack signatures, tactics, techniques, and procedures associated with advanced cyber security threats, and can conduct vulnerability audits and assessments. You will partner and work with the Information Technology department and other IAP departments to help remediate findings effectively and efficiently.
As the Senior Cyber Security Analyst, you are expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals in partnership with IAP professionals. You’ll hold a comprehensive understanding of IAP’s network environment and develop strategies and processes to securely monitor, protect and defend sensitive data and assets from attack.
ESSENTIAL JOB FUNCTIONS:
- Develop and execute information security policies and standards.
- Review and assess current cyber security tool set to assist in detection, prevention, and analysis of security threats.
- Develop security strategies to respond to and recover from a security breach with strong understanding of Security Operation Center (SOC) operations both on premise and managed.
- Responsible for the ownership of multiple security products through lifecycle e.g., Data Loss Prevention (DLP), Vulnerability Management, SIEM etc.
- Drive adoption of new capabilities.
- Must mentor professional members for success of their ownership
- Exhibit leadership skills to lead IAP professionals in the resolution of cybersecurity findings by coordinating and using resources on other teams to deliver complex projects and new capabilities for the organization in security space.
- Exhibit consistency of security project & product delivery involving highly complex projects.
- Deliver measurable value for the organization.
- Build cybersecurity reports and dashboards for Information Technology and executive management.
- Review IT systems and business processes to identify information security risks and regulatory non-compliance, and guide remedy of issues noted.
- Design and deliver training on various Cyber Security initiatives.
- Monitor and use security toolsets to identify suspicious and malicious activities and inadequate security practices across IAP’s network (e.g., analyze network traffic, vulnerability scans, identification of computer viruses, unauthorized user activity) which may compromise the integrity and availability of systems.
- Perform risk assessments and mitigation planning.
- Facilitate internal and external penetration testing.
- Participate in ongoing enhancements to the security of existing technologies including network, anti-malware, firewall, IDS/IPS, PKI, etc.
- Provide ongoing gap analysis of current controls, policies, practices, and procedures as they relate to relevant guidelines outlined by DFARS, NIST 800-171, OMB, FISMA, etc.
EDUCATION & EXPERIENCE:
- BS/BA Computer Science, IT
- At least five years of experience in an information security function, ability to multi-task, have a keen eye for detail, strong organizational skills, the ability to thrive in fast-paced, high-stress situations, ability to communicate cybersecurity issues to peers and management
- 3+ years solid understanding of Cyber Security & IT controls, network / systems / application penetration testing and vulnerability assessments
- Experience with NIST and ISO frameworks.
- Experience with HIPAA, HITECH, GDPR, and other IT security governing bodies
- Experience using Windows / Unix / Linux / iOS systems in server and workstation environments. Strong understanding of hardware / software and cloud environments.
- Expert in analyzing and investigating network and system intrusions, malware attacks and recommend / implement prevention methods.
- Experience with Data Loss Prevention (DLP) systems, implementation, and process in on premise and cloud environment.
- Experience in cyber security incident response and breach investigations including forensic investigations.
LICENSES & CERTIFICATIONS:
- At least one information security certification, such as CISSP, GSEC, GCIH, GREM, CISM etc.
KNOWLEDGE & SKILLS:
- Excellent verbal and written communication skills.
- Advanced problem-solving and analytical skills.
- Accuracy and attention to detail and quality orientation is a must.
- Must be able to self-organize workloads and manage all deadlines.
TRAVEL: Less than 10%
IAP - INGENUITY AND PURPOSE
WWW.IAPWS.COM
As a leading international services company for more than 65 years, IAP Worldwide Services, Inc. (IAP) provides a broad spectrum of services and solutions to U.S. and international government agencies, and organizations. IAP is a world-class leader in providing Program Management, IT & Communications, Aviation & Engineering Solutions, Power Solutions, and Infrastructure & Logistics to provide safe, innovative, and reliable solutions to meet customers' diverse and complex challenges.
IAP is an EOE, including disability/vets.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Required Skills
Required Experience