Tau Six, an agile small company delivering cutting edge cybersecurity and systems integration services to the US National Security market, has an immediate need for a Principal Cybersecurity Analyst for a Department of Defense customer. In this role you have the opportunity to work with a cross-functional team in multiple technical areas to include operations, engineering, security, and systems development to deliver secure solutions to our national security customers.
Your excellent technical skills will assist in identifying risk to enterprise systems across a broad spectrum of technologies and processes. Your responsibilities will also include elements of physical and environmental protection, penetration testing, incident handling, and security training and awareness. In close coordination with the rest of the security team, you will play an active role in defending the enterprise. Candidates must possess thorough understanding of Windows & Linux operating systems, contemporary networking, and cybersecurity tools, techniques, and tactics.
Current Top Secret/SCI U.S. Government Clearance Required
- Prepare, document, and test national security systems and organizations using adversary tools and techniques to identify system vulnerabilities.
- Prepare system implementers for successful assessments through coordination and advisement.
- Research evaluate new security technologies and countermeasures
- Identify and define system security requirements
- Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes
- Continuously review and evaluate best practices for implementing a comprehensive compliance and monitoring program
- Assist in security investigations and responses as necessary
- Document the results of field inspections and tests, support the development of resulting plan of actions & milestones (POA&M).
- Conduct vulnerability analysis and penetration testing as directed.
- Provide cyber security technical expertise and analysis for new software and hardware. Provide written expert position and recommendations, packages, templates and guidance to gain approval for new or upgraded software
- Candidates must have extensive experience with risk assessment technologies and processes including understanding of the adequacy of implemented security features across a broad range of technologies.
- Must have demonstrated practical penetration testing / vulnerability exploitation experience
- Must have knowledge of host and network access control and auditing technologies and methods.
- Must have an understanding of incident response, configuration management, and defense in depth best practices.
- A background and some experience with RMF, NIST SP800-53, CNSSI, DCID 6/3, JSIG, and/or ICD 503. Knowledge of current authorization practices, particularly within the DoD and IC is desired.
- Experience with security configuration related to modern Windows, Linux, UNIX, Cisco, SQL or Oracle databases, and virtualized systems.
- Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusion via intrusion detection technologies
- A minimum of 6 years’ experience with information security and related security concerns including information system security assessments.
Must have an active TS/SCI clearance with the U.S. Federal Government