Job Description
Job Description
Location : Primarily remote with occasional in-office meetings in Washington, DC.
The Senior Cybersecurity Analyst oversees security operations, risk assessments, and incident response to protect USTC systems from cyber threats. Ensures compliance with NIST, ISO 27001, and federal cybersecurity frameworks.
Duties and Responsibilities :
A highly experienced and results-oriented cybersecurity professional, the Senior Cybersecurity Analyst leads in the proactive defense of the organization's information systems. This role provides expert-level guidance on cybersecurity operations, risk mitigation, incident response, and security architecture, ensuring the organization's IT environment remains secure, resilient, and compliant with applicable regulations and standards. The Senior Analyst acts as a mentor and technical authority, driving continuous improvement in security practices and fostering a strong security culture.
Security Operations & Architecture :
- Architect, implement, and manage advanced security solutions, including SIEM, ZTS, EDR, IDS / IPS, and other cyber management platforms, optimizing their effectiveness and integration.
- Lead proactive threat hunting and vulnerability assessments, identifying and mitigating emerging threats before they can impact the organization.
- Develop and champion security best practices and standards, ensuring their consistent application across the organization.
- Provide expert guidance on secure system design and architecture, influencing IT projects and initiatives to incorporate security from inception.
Incident Response Leadership :
Lead and coordinate complex incident response efforts, effectively containing and eradicating threats, minimizing business impact, and conducting thorough post-incident analysis.Develop and maintain comprehensive incident response plans, playbooks, and procedures, ensuring their alignment with industry best practices and regulatory requirements.Mentor and train junior analysts in incident response techniques, fostering their development and expertise.Risk Management & Compliance :
Conduct comprehensive risk assessments, identifying vulnerabilities and recommending appropriate mitigation strategies.Lead the development and implementation of security policies, standards, and procedures, ensuring compliance with frameworks such as NIST, ISO 27001, and other relevant regulations.Provide expert advice on security compliance and audit requirements, supporting internal and external audits.Security Awareness & Training :
Develop and deliver engaging security awareness training programs, educating employees on best practices and promoting a strong security culture.Mentor and guide IT staff on secure configurations and best practices, fostering their understanding of security principles.Collaboration & Communication :
Collaborate effectively with senior management, IT teams, and business stakeholders to communicate security risks and recommendations.Provide clear and concise reports on security incidents, risk assessments, and vulnerabilities, presenting complex technical information in an accessible manner.Represent the organization in security-related discussions with external vendors, partners, and industry groups.Continuous Improvement & Innovation :
Research and evaluate emerging security technologies and threats, recommending and implementing innovative solutions to enhance the organization's security posture.Identify process gaps and recommend enhancements to security operations, driving continuous improvement in security practices.Contribute to the development of the organization's overall cybersecurity strategy.Required Skills & Qualifications :
Technical Expertise :
Deep expertise in security tools and technologies, including firewalls, SIEM, IDS / IPS, ZTS, EDR, vulnerability scanning solutions, and cloud security platforms.Advanced understanding of network protocols, operating systems (Windows, macOS, Linux, iOS, Android), cloud environments (AWS, Azure, GCP), and containerization technologies.Proficiency in scripting languages (e.g., Python, PowerShell) for automation and security tasks.Experience with security architecture and design principles.Analytical & Problem-Solving Skills :
Exceptional analytical and problem-solving skills, with the ability to analyze complex security logs and events to identify patterns and potential threats.Proven ability to lead and manage complex security incidents.Communication & Leadership :
Excellent written and verbal communication skills, with the ability to effectively convey technical information to both technical and non-technical audiences.Demonstrated leadership skills, with the ability to mentor and guide junior analysts.Required Experience :
Minimum of 10 years of hands-on experience in cybersecurity or related IT roles, with a focus on security operations, incident response, and risk management.Extensive experience with security monitoring tools and incident response processes.Deep understanding of compliance requirements and risk management frameworks such as NIST, ISO 27001, and HIPAA.Experience in a leadership or mentorship role.Preferred Certifications :
CISSP (Certified Information Systems Security Professional)CompTIA Security AWS Certified Security SpecialtyMicrosoft Azure Security Technologies CertifiedVendor certifications from leading security vendors (e.g., Zscaler, CrowdStrike, Splunk)Certified Ethical Hacker (CEH)GIAC certifications (e.g., GSEC, GCIA, GCSH)Clearance Requirement : Ability to obtain and maintain a Public Trust.
This position is contingent upon future contract award to Gunnison Consulting.The salary range for this position depends upon multiple factors including location, the individual's knowledge, skills, competencies, and experience, and contract-specific budget constraints and organizational requirements.
Gunnison Consulting Group's total compensation package also includes bonus and profit-sharing opportunities, depending on company and employee performance. Available employee benefits include :
3 weeks of Personal Leave your first year11 paid Holidays each year5 days of Flexible Time Off each year401(k) company match at 50% up to 10% of your salaryMedical, Dental and Vision InsuranceLife and Disability InsurancePublic Transportation SubsidiesCertifications and Training Allowance - $2,500 / year!Why Join Gunnison?
Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.Quality is our top priority.Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow.We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.We hire for careers at Gunnison, not to fill a position.Equal Opportunity / Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.
In 1994 Gunnison Consulting Group began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could , the company has thrived for over 25 years.
Salary : $2,500
