Cybersecurity Analyst with Security Clearance

---

Job description

Overview Cybersecurity Analyst (EDOS-6): Bowhead is seeking a skilled full-time Cybersecurity Analyst to join our team in Dahlgren, VA. The ideal candidate will be responsible for ensuring GWS fleet and land-based configurations are assessed and authorized with respect to Department of Defense (DOD) Cybersecurity policies. Responsibilities The Cybersecurity Analyst is responsible for ensuring GWS fleet and land-based configurations are assessed and authorized with respect to Department of Defense (DOD) Cybersecurity policies. Key Responsibilities: Conducting vulnerability scans and recognizing vulnerabilities in security systems. Using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.). Conducting application vulnerability assessments. Identifying systemic security issues based on the analysis of vulnerability and configuration data. Sharing meaningful insights about the context of the organization's threat environment that improve its risk management posture. Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution. Performing impact/risk assessments. Required Skills: Conducting vulnerability scans and recognizing vulnerabilities in security systems. Using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.). Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.). Conduct vulnerability assessments. Ability to identify systemic security issues based on the analysis of vulnerability and configuration data. Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Tenable Assured Compliance Assessment Solution (ACAS) Applying host/network access controls (e.g., access control list). Use of Virtual Private Network (VPN) devices and encryption. Protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). Troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution. Performing impact/risk assessments. Other duties as assigned. Qualifications Required: DoDM 8140.03 certified,( any IAT level 2 certification will meet requirement) Seven (7) years of professional experience as a Cybersecurity Specialist with a specialization in cross domain solution implementation. 5 + years of computer networking concepts and protocols, and network security methodologies experience. Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth & concept of zero trust). Experience working with Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. Experience working with network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. Knowledge of application vulnerabilities. Knowledge of system administration, network, and operating system hardening techniques. Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. Preferred: Knowledge of cyber threats and vulnerabilities. Knowledge of specific operational impacts of cybersecurity lapses. Knowledge of host/network access control mechanisms (e.g., access control list, capabilities list). Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Knowledge of network traffic analysis methods. Knowledge of Virtual Private Network (VPN) security. Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP , and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly. Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). Knowledge of application security risks. Physical Demands: Must be able to lift up to 25 pounds. Must be able to stand and walk for prolonged amounts of time. Must be able to twist, bend and squat periodically. SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the Secret level. US Citizenship is a requirement for Secret clearance at this location.

<!– job description page –>