Sr. Cyber Security Analyst
Chattanooga, TN 37402 | Contract
Zycron has a Sr. CyberSecurity Analyst opportunity. This is with a large client located in Chattanooga TN
This position supports both project and baseline activities involving the Enterprise Security Monitoring Service (ESMS) for both corporate and Operational Technology environments and is required to operate and maintain the system in a state where malicious activities can be detected and responded to. This position is critical to maintain security as well as meeting regulatory requirements. Specific activities of this position involve maintaining quality assurance, NERC CIP audit ready state, configuration management, and deployed substation equipment.
- Researches, analyzes and translates Federal laws, regulations and security industry best practices and determines applicability and impact to incorporating into agency governance in easily understood presentation.
- Develops and manages policies and procedures at the corporate and organizational level ensuring agency cyber security reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and data.
- Facilitates and manages agency-wide security programs designed to protect the confidentiality, integrity and availability of cyber assets and data.
- Ensures the effectiveness of the Enterprise Cybersecurity training program through appropriate planning, implementation, and evaluation.
- Plans and manages agency-wide cybersecurity projects utilizing innovative concepts and approaches where precedents do not exist, ensuring project resources, cost and schedule are appropriately managed.
- Conducts and manages systems security evaluations and reviews including development of systems security plans, implementation and maintenance of risk assessments, management of the security authorization of systems, and development and maintenance of security categorizations.
- Coordinates, prepares and manages formal responses to cybersecurity inquires from internal and external authorities such as the Office of Inspector General (OIG) and General Accounting Office (GAO).
- Prepares agency reports for internal and external audiences including audiences at a federal level.
- Communicates directly, independently and with appropriate authority with program management on cyber security issues.
- Represents Enterprise Information Security and Policy on agency-wide projects and provides support to various committees (which often include officers of the agency) that have been established to resolve key cybersecurity issues and federal regulations or recommended guidance [Federal Information Security Act of 2002 (FISMA), National Institute of Standards (NIST), etc.]
- Responds to incident investigations, performs triage activities, and utilizes structured methodologies to prevent, detect respond to threats.
- Supports control and vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls, and recommends remedial action
- Develops security processes, work instructions and incident action plans to ensure that security controls are managed and maintained.
- Recommends security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
Education – Bachelor’s degree in computer science, cybersecurity, engineering or a related field or equivalent experience
Experience - Three or more years experience in operational security, governance or information system auditing.
- Intermediate information security understanding.
- Broad knowledge of business functions and related security needs.
- Demonstrated competencies in analysis. teamwork, customer service, planning/organization, flexibility, stress tolerance and communication.
- Must be self-motivated and capable of performing most assignments with limited supervision.
- Must have the ability to manage multiple activities simultaneously.
- Excellent ability to research, evaluate and make recommendations as to policy applicability.
- Must possess knowledge and understanding of organizations, policies and operations.
- Must have ability to work harmoniously with peers, customers, executives