Sr. Cybersecurity Analyst (Sr. Security Analyst) - Information Technology

Position Description

Minimum Education

Bachelor's degree or equivalent experience

Minimum Experience

5

Summary

The Senior Security Analyst independently provides technical and analytical support for the Board's computer security systems. Monitors current security systems to control access to systems and detects and reports violations. Develops new security measures as needed.

Duties And Responsibilities

• Manages, maintains, documents and enhances security tools, such as ACF2, which is used to control access to the Board's centralized computer resources, the Ace security server, which is used to control access to the Board's computer resources from telephone lines, Lotus Notes, Windows, firewalls, RAS Enterprise, and other tools as the Board uses them to safeguard the FR System's information resources.
• Monitors ACF2, firewall and other security reports regularly. Checks for and research violations. Infors appropriate management of any violations.
• Analyzes and assesses hardware and software to provide security for microcomputers, mainframes, office systems, local and wide area networks, voice/data systems, etc. Conducts complex security risk assessments, risk certifications, software security reviews, based on FISMA requirements, changes in legislation, professional security standards, and business requirements. REcommends tools, policies and procedures to protect Board computers.
• Supports the System Information Security Officers, the Board's Information Security Committee, the security liaison officers, and the security administrator by serving on task forces and subcommittees, preparing reports and other supporting documents.
• Identifies and analyzes emerging technology impact on Board security issues.
• May lead technical projects. Reviews the quality, accuracy, and documentation of technical work performed by other analysts. Delegates work and reviews resource utilization and project status, design approach and final products.
• Recommends emerging high-tech security systems and assesses their impact on the Board's and Syste's information systems architecture.
  
  

Position Requirements

FR-26 Minimal Qualifications

Requires excellent analytical ability and oral and written communication skills typically acquired by completion of a Bachelor's Degree in computer science or related discipline. Requires a minimum of 5 years work experience with computer security systems. Possesses an advanced working knowledge of the internal architecture of centralized and decentralized computer resources. Demonstrates a high level of knowledge of security requirements for the System and information security standards documents. Able to learn quickly and integrate knowledge with many other security systems.

FR-27 Minimal Qualifications

Requires excellent analytical ability and oral and written communication skills typically acquired by completion of a Bachelor’s Degree in computer science or related discipline. Requires a minimum of 7 years experience working with computer security systems. Possesses a superior working knowledge of the internal architecture of centralized and decentralized computer resources. Demonstrates a high level of knowledge of the software techniques needed to support hardware and of disk and tape storage. Demonstrates an excellent knowledge of security requirements for a system, including information security policies and standards. Possesses expertise in emerging technologies.

Remarks: The Sr. Cybersecurity Analyst (Sr. Security Analyst) is an individual contributor position responsible for the instrumentation and administration of cybersecurity tools, appliances, and measures to protect the Board’s IT assets and ensure the Board’s ability to conduct its mission. The Sr. Cybersecurity Analyst (Sr. Security Analyst) utilizes cybersecurity tools such as firewalls, proxies, intrusion detection, intrusion prevention, endpoint protection, and data analysis platforms as part of an integrated, defense in depth solution with a central security information and event management (SIEM) system and security orchestration tools. The Sr. Cybersecurity Analyst (Sr. Security Analyst) must understand system architectures and possess the ability to identify security weaknesses that can be exploited to compromise a variety of systems used by the Board. The Sr. Cybersecurity Analyst (Sr. Security Analyst) develops technical products and presents highly technical subjects to a variety of audiences ranging from non-technical senior leaders to highly technical subject matter experts. The Sr. Cybersecurity Analyst (Sr. Security Analyst) collaborates with other cybersecurity professionals to develop and implement cybersecurity solutions that enable threat hunt activities. The Sr. Cybersecurity Analyst (Sr. Security Analyst) provides technical and analytical assessments to support information security engineering decisions to ensure Board information and systems are adequately protected.

This position requires a TOP SECRET / SENSITIVE COMPARTMENTED INFORMATION security clearance.

Highly Desirable

• Expert knowledge in the in at least one of the following areas: cybersecurity operations, cyber threat analysis, data science principles, digital forensics, incident handling, incident management, incident response, vulnerability management, security engineering, automation and programming, project management, and/or relevant technologies and programming languages.
• Ability to provide threat assessments, recommend cybersecurity technologies for intrusion detection and prevention, assess technical vulnerabilities, identifying automation opportunities, investigate and resolve security breaches.
• Experience using cybersecurity tools such as firewalls, proxies, intrusion detection, intrusion prevention, endpoint protection, data analysis platforms, a SIEM, and/or security orchestration tools.
• Experience with incident response tools and processes including host forensics, network forensics, log analysis, timeline development, memory acquisition and analysis, image acquisition, etc.
• Experience analyzing threat intelligence from a variety of sources to understand the nature of a threat, extract the information that informs threat hunt operations, and uses that information to investigate Board IT assets for evidence of an intrusion or compromise.
• Familiarity with relevant policies, procedures, and be able to work with TOP SECRET / SENSITIVE COMPARTMENTED INFORMATION.
• Demonstrated resourcefulness and advanced critical thinking skills to independently direct, analyze, and implement solutions for all the various complex problems that arise in the administrative and operations area.
• Expert technical writing and communications skills. Contacts are often with division leadership, but also with staff at all levels; a significant degree of coordination and contact with other units/sections/divisions may also be required.
• Ability to construct clear and concise written work and applies an increasingly advanced understanding of grammar, sentence structure, and intended audience(s) to the process of writing and editing such work.
• Ability to explain to cross-team or cross-divisional partners items of high levels of complexity.
• Possess skills in negotiation and persuasion in performing duties and influencing support for change.
  
  

This position is hybrid, requiring a combination of telework and in-office presence in Washington, DC.

Primary Location

DC-Washington

Employee Status

Regular

Overtime Status

Exempt

Job Type

Standard

Work Shift

1st Shift

Relocation Provided

Yes

Compensation Grade Low

FR PAY GRADE 26

Compensation Grade High

FR PAY GRADE 27

Minimum Salary

$123,500.00

Maximum Salary

$231,700.00

Posting Date

Mar 12, 2024