Cybersecurity Analyst Lead

---

Job description

Overview:
CYBERSECURITY ANALYST LEAD (ERDC):

Bowhead seeks a Cybersecurity Analyst Lead to support the Engineering Research Development Center (ERDC). ERDC cybersecurity center is a fast-paced Cybersecurity Services Provider (CSSP) environment.

Responsibilities:
Serve as the Team Leader and Program Manager for Protect services, including aspects of Information Security Continuous Monitoring (ISCM), as well as User Activity Monitoring (UAM) in support of the Insider Threat (InT) program.

Oversee and manage customer quality assurance requirements to ensure quarterly goals are met.

Oversee and manage the training program to ensure compliance to the Workforce Training Plan and DOD requirements.

Oversee and manage compliance requirements to Endpoint Security Solutions (ESS), in accordance with JFHQ-DODIN requirements.

Maintain procedural documentation, to include standard operating procedures (SOPs) and program policies.

Ensure adequate task delegation to meet contractual requirements and project milestones.

Conduct continuous network monitoring and analysis using various defensive cyber tools.

Enumerate vulnerable terrain in support of Tier 1 reporting.

Provide end customers with vulnerability assessment reports with tailored, prioritized mitigation actions.

Track vulnerability management efforts from identification, to notification, to remediation.

Investigate and report potential false positives from continuous monitoring tools.

Analyze risk score trends and ascertain potential root causes to risk score anomalies.

Track compliance trends and provide prioritized list of findings to end customers.

Assist subscribers in the deployment of Nessus agents.

Enumerate and report instances of specific platforms, installed software, and services (including unauthorized instances).

Validate network scanning quality and compliance IA applicable JFHQ-DODIN TASKORDS.

Troubleshoot credentialed vulnerability scanning failures and provide remediation guidance.

Research emerging threats and vulnerabilities to aid in the identification of network security risks.

Assist in incident response activities by querying existing data and sharing matching indicators of compromise (IOC).

Conduct user activity monitoring (UAM) in support of the Insider Threat Program.

Provide prompt, quality customer service with excellent written and oral communication skills.

Qualifications:

Experience with Tenable Security Center/Assured Compliance Assessment Solution (ACAS).

Experience with user activity monitoring (UAM) tools that support insider threat (InT) detection, response, and mitigation procedures.

Knowledge of network scanning principles and the potential impacts of intrusion detection/prevention systems (IDS/IPS) to scan data accuracy.

Knowledge of Endpoint Security Solutions (ESS) compliance requirements.

Knowledge in Evaluator Scoring Metrics (ESM) criteria, and the accreditation process for Cybersecurity Service Providers (CSSP).

Experience working in a fast-paced, metrics-driven, and team-oriented environment.

Ability to communicate complex technical and programmatic information, often in the form of verbal and visual operational updates, situation reports and briefings.

Must possess Bachelor's degree or equivalent experience

Must have at least 2 years intrusion detection experience

Must have at least 2 years relevant IT and/or System administrator experience and 2 years relevant Information Security experience

Must have the certifications for DOD 8570 IAT Level II minimally

Must have the certifications for DOD 8570 CSSP-Analyst or CSSP-Incident Responder

Must have the ability to earn DoD 8570 computing environment certification within 6 months

SECURITY CLEARANCE REQUIRED: Must be able to maintain a Top Secret clearance. US Citizenship is a requirement for Top Secret clearance at this location.

Physical Demands:
• Must be able to lift up to 25 pounds
• Must be able to stand and walk for prolonged amounts of time
• Must be able to twist, bend and squat periodically

<!– job description page –>