Mid-Level Cybersecurity Analyst

B&M Consulting Group, Inc. is seeking a mid-level Cybersecurity Analyst to conduct IT security testing of complex operational systems and facilities for clients across the Federal government. In this role, candidates will conduct risk and vulnerability analysis, define and describe risk exposure based on threats and exploit paths, and provide recommendations for remediating detected vulnerabilities and compliance gaps. Ideal candidates must be highly knowledgeable in security principles, how they apply to system architectures, and the various testing methods utilized to ascertain the effectiveness of those controls.

Responsibilities:
  • Facilitate and conduct Security Control Assessments (SCA) and additional Continuous Monitoring Activities within internally hosted and cloud-based environments
  • Develop resultant SCA documentation, analyze results, and initiate recommendations associated with the findings on how to improve the customer’s security posture in accordance with NIST controls
  • Conduct independent testing of corrective actions to validate risk/vulnerability resolution
  • Validate respective information system security plans to ensure NIST control requirements are met
  • Review the controls that support the Requirements Traceability Matrix (RTM) and the details of the System Security Plan (SSP) to determine completeness and accuracy
  • Provide consulting services on Cybersecurity laws and regulations
Qualifications:
  • Bachelor or Master of Science in Computer Science or Cybersecurity
  • Cumulative GPA of 3.5 or above
  • 3+ years of work experience in security assessment & authorization
  • Experience leading system assessments independently
  • Ability to assist team members with proper artifact collection and to detail to the client examples of artifacts that will satisfy assessment requirements
  • Excellent written and oral communication skills and the ability to interact efficiently with clients and peers
Desired Skills:
  • Proficiency in Federal information security standards and methodologies, including FISMA requirements, OMB standards and guidelines, and NIST Federal Information Processing Standards (FIPS) Publications and Special Publications (NIST FIPS 199, NIST FIPS 200, NIST SP 800-37, NIST SP 800-53/A, etc.)
  • Proficiency in testing, analyzing, and interpreting Security Assessment Results for all systems, including but not limited to the following platforms: Microsoft Server 2008/2012/Other, UNIX/Linux, Microsoft SQL Server, Oracle DBMS, Sybase DBMS, Windows 7, IIS, Mobile Device Management solutions, Routers/Switches/Firewalls, Printers/Faxes/Multi-Function Devices, .Net and Java custom-developed applications
  • Demonstrated experience with the following tools: Archer GRC, Qualys, Tenable, CoreImpact, DbProtect, Nessus, IBM AppScan, Symantec Endpoint Protection, Symantec DLP, FireEye ATP, McAfee SIEM, McAfee IDS/IPS, ForeScout, MS Excel pivot tables.

Citizenship Requirements:
U.S. Citizens ONLY. Applicants selected will be subject to a government security investigation and must be able to pass a Federal background check for a public trust clearance, for which U.S. Citizenship is required.
 
Equal Opportunity Employer:
B&M Consulting Group, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.