Senior Cyber Security Analyst

Job Responsibilities

• Develop information security program and implement NIST-800-171 / CMMC Framework
• Manage (SSP) system security plan, (POAM) plan of action and milestone and update (SPRS) Supplier performance risk system score
• Lead MS365 / O365 security AND compliance implementation by ensuring security requirements are satisfied and help adjust policy as needed
• Manage the SIEM solution and identify, triage, and assist in remediation of cyber security alerts
• Define technical and business processes and policies related to data protection strategies as well as implementing DLP solutions to provide, security, privacy, and integrity
• Perform vulnerability assessment and assist in remediation, and interface with technical teams to advocate for appropriate remediation responses
• Audit endpoint and server patching processes to identify gaps and work with technical teams to resolve issues
• Conduct network / host monitoring and intrusion detection analysis using various tools, such as Intrusion Detection / Prevention Systems (IDS / IPS), firewalls, SIEM, NAC, EDR, DLP, Cisco Umbrella and host-based security tools
• Work with 3rd party security vendors such as a MSSP (Managed Security Service Provider)

Job Qualifications

• Must be able to secure and maintain a Department of Defense security clearance
• Bachelor’s degree in computer science, computer engineering, or related field
• Minimum 5 years of experience managing a security information and event management (SIEM) systems or other cyber security-related monitoring solutions and driving remediation based on SIEM outputs
• Minimum 5 years of experience managing vulnerabilities, patch management, and remediation
• Minimum 5 years of experience with cloud-delivered commercial and government-based solutions such as Microsoft M365-E5 / Azure, and experience with IT backup and disaster recovery systems
• Working knowledge of NIST Framework, MS-365 Security and Compliance, DLP, SIEM, CrowdStrike, Cisco Umbrella, Incident management, TCP / IP (Transmission Control Protocol / Internet Protocol), OSI (Open Systems Interconnections) Model, DNS (Domain Name System), and DHCP (Dynamic Host Configuration Protocol)

Reliance One, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.