Data Analyst – TS/SCI

Company: SMX
Location: Fort Belvoir, VA, USA
Salary: $110900 – $184800
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Expert or higher

Requirements

  • Active Top Secret (TS) security clearance with eligibility for SCI and NATO read-on before starting work.
  • Meet DoD 8140 / 8570.01-M requirements for a privileged user on a TS/SCI information system before commencing work.
  • CISSP, CISM, or equivalent certification.
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, OR 10+ years of experience with Enterprise SIEM Data Observability and Reporting (Splunk/Elastic).
  • Thorough understanding of cybersecurity principles, best practices, and emerging threats.
  • Proficiency in vulnerability scanning and cybersecurity tools, including Tenable.
  • Security Information and Event Management (SIEM) systems: Splunk, Elastic, Logstash, Kibana (ELK).
  • Data broker technologies: Cribl, Confluent.
  • Operating Systems Security Events: Windows, Linux.
  • Networking protocols: TCP/IP, DNS, DHCP, HTTP/HTTPS.
  • Cybersecurity tools and technologies: IDS/IPS, firewalls, host-based security, threat intelligence platforms, vulnerability management tools.
  • Advanced knowledge of Security Information and Event Management (SIEM) tools, vulnerability management, compliance, and cybersecurity principles.
  • Strong problem-solving skills to assess vulnerability risks and recommend effective remediation strategies.
  • Ability to convey technical findings clearly and succinctly to both technical and non-technical audiences.
  • Adept at collaborating with IT, security, and cross-functional teams to ensure timely and effective vulnerability remediation.
  • Meticulous in documenting and reporting vulnerabilities, ensuring compliance and audit readiness.
  • Knowledge of DoD, Army, and IC regulations, standards, and compliance requirements.
  • Keeps current with evolving threats, vulnerabilities, and cybersecurity mitigation techniques.

Responsibilities

  • Generate detailed automated reports on identified vulnerabilities, outlining their severity, potential impact, and recommended remediation steps.
  • Review vulnerability assessment results and prioritize vulnerabilities based on their criticality, potential impact, and ease of exploitation.
  • Maintain accurate records of vulnerability assessments, reports, and remediation efforts for audit and compliance purposes.
  • Work closely with IT teams to oversee the application of security patches and updates that address identified vulnerabilities.
  • Collaborate with incident response teams to address vulnerabilities that have been exploited or may be exploited during a security incident.
  • Collaborate with cross-functional teams, including regional support groups, to ensure the swift resolution of vulnerabilities.
  • Stay updated on the latest threat intelligence, new vulnerabilities, and mitigation strategies, particularly in DoD, Army, and IC environments.
  • Participate in security awareness programs to educate employees on vulnerability reporting and the use of automated reporting tools.
  • Design and develop data pipelines and architectures to ingest, process, and analyze large datasets from various cybersecurity sources, including network logs, system calls, and threat intelligence feeds.
  • Develop and implement data visualization and dashboarding solutions to provide real-time insights and situational awareness to cybersecurity analysts and stakeholders.
  • Collaborate with cybersecurity teams to integrate data-driven solutions with existing security tools and systems, including SIEMs, IDS/IPS, and threat intelligence platforms.
  • Ensure compliance with DoD, Army, and IC regulations, task orders, bulletins, and standards related to vulnerability management.
  • Clearly convey findings and recommendations to both technical and non-technical stakeholders, including management.

Preferred Qualifications

  • Advanced certifications such as Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH), and GIAC Vulnerability Assessment Professional (GVAP).
  • Experience in a DoD, Army, or Intelligence Community environment with a focus on vulnerability management.
  • Familiarity with automation tools and scripting languages (such as Python and PowerShell) to improve vulnerability reporting processes.