Cyber Security Analyst

Our Civil Group offers an array of exciting career opportunities for the best IT, energy, logistics, and engineering professionals. Driven by our talented workforce, the Federal Energy, Environment, and Commerce Operation builds trust through an array of energy-related IT, environmental science, and engineering solutions to meet our customers’ needs.

Key Capabilities:

• Large Infrastructure
• Mission Support
• Digital Modernization
• Command & Control
• Mission Applications
• Environmental Science
• Nuclear Security
• Engineering Services

Required Security Clearance:

• Candidate must be able to obtain and maintain a DOE Q Clearance. This position is contingent upon clearance verification and program/customer concurrence.

Responsibilities:

• Support the Cyber Security and Information Technology programs, reporting to the Cyber Operations Group Lead, Information System Security Officer (ISSO), Information System Security Manager (ISSM), and IT Director.
• The candidate will rely on their cybersecurity background to support our customers in meeting the DOE requirements set forth in our contracts.
• Coordinate investigative activities with appropriate management, formulate written reports, and present oral or written briefings as needed for Incidents of Security Concern (IOSCs).
• Ensures all changes to systems are performed in accordance with configuration controls.
• Researches, documents, and implements software application security requirements, and works with users to ensure effective use of applications.
• Shares technical knowledge, and works closely with the technical administrators (systems, networks, database, etc.) to provide mutual support.
• Schedules, performs, and monitors various scans and tests within the computing environment in order to identify vulnerabilities, configuration errors, and areas for improvement and general debugging.
• Gathers Cyber Security on a daily, weekly, and monthly basis to drive discussion and decision-making with management, team members, and end-users.
• Develops and maintains user manuals, guides, work instructions, procedures, and other technical and non-technical documentation.
• Participates in the design and implementation of systems, policies, and procedures for cybersecurity, including disaster recovery and data archiving to ensure effective protection and integrity of data assets.
• Remain conversant with the IT and Cyber industry’s computer security technology and practices.
• Maintains a safe working environment. Demonstrates awareness and implementation of applicable environmental, safety, and health (ES&H) requirements while also alerting coworkers of such requirements as needed.

Accountabilities:

• Communication Skills: The candidate should have strong verbal/written communication skills, communicate clearly at both one-on-one and group levels, communicate with team leaders, managers, and internal employees in the decision-making process to obtain needed information, make the most appropriate decisions, and ensure buy-in and understanding of resulting decisions.
• Task Management Skills: The candidate is expected to proactively determine project or assignment requirements by breaking them down into tasks and identifying types of equipment, and materials needed. The candidate consistently and proactively identifies more critical and less critical activities and assignments and effectively adjusts priorities when appropriate.
• Team Coordination Skills: The candidate is expected to set high expectations for oneself, and has the courage to raise the bar continuously. The candidate holds oneself and others accountable for continuous improvement and communicates expectations directly, openly, and effectively. The candidate conveys a sense of purpose and mission that motivates others, maintains direction, and balances big-picture concerns with day-to-day issues. The candidate guides others in creating relevant options for addressing problems/opportunities and achieving desired outcomes.
• Base of Knowledge Skills: The candidate must have complete knowledge of verification, validation, certification, and qualification processes and procedures, including knowledge of current governing regulations and compliance requirements; an advanced level of understanding and proficiency in the use of networking computing hardware and software applications; extensive knowledge of processes and tools needed to maintain, archive, and retrieve digital files; as it relates to cybersecurity, ability to read and understand contracts, Statements of Work.

Minimum Certifications, Education, and Experience:

• Bachelor’s degree from an accredited college or university with less than 2 years of related IT/Cyber experience; or Associate’s degree with 2+ years of related IT/Cyber experience; or a high school diploma/equivalent with 4+ years of related IT/Cyber experience

Preferred Experience and Qualifications:

• Experience or knowledge of U.S. Department of Energy (DOE) directives, or similar U.S. State or Federal departmental agency policies, and procedures pertaining to sensitive information, computing, cybersecurity, information technology, etc.
• Demonstrated success in achieving project completion in a timely manner. This includes having effective project management skills and correctly assessing the time required to carry out given tasks.
• Experience using cybersecurity relevant tools, systems, and applications to include but not limited to: Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Application Allow or Deny-listing, and Vulnerability Management Solutions (VMS).
• Possess a cybersecurity application or vendor-specific certification associated with any number of the types of relevant tools previously listed.
• Possess a beginner to expert level cyber-centric industry certification such as a Security+, CEH, CYSA+, CASP+, OSCP, GCIH, or CISSP.
• Operating System experience to include a fundamental understanding of common security best practices or industry standard baselines such as those developed by the Center for Information Security (CIS) or the Defense Information Systems Agency (DISA).
• Technical Linux experience is highly desired.
• Demonstrated knowledge of standard IT processes and tools that are used to maintain, archive, sanitize, and retrieve digital files
   

*** NOTE:

• Must be a U.S. Citizen and eligible for a DOE Security Clearance
• Job Travel Requirement: Yes, up to 10%
• Potential for Telework: Yes, preference is roughly 40% remote and 60% on-site, negotiable