Cyber Security Analyst
Apply NowCompany: 22nd Century Technologies Inc.
Location: Lexington Park, MD 20653
Description:
Company Description
22nd Century Technologies .. We are Government Software integrators working with DoD and civilian space and are fast growing company in DoD sector with clients like US Air Force, US Navy and Army.
Find more about us at www.tscti.com .
22nd Century Technologies is an equal opportunity employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, disability, veterans status, sexual orientation, or any other protected factor.
Job Description
We are seeking an Information Security Engineer for a direct hire/permanent role in Monroe, LA. This position will be on a Cybersecurity Vulnerability Assessment team. This position will be responsible for identifying and ethically exploiting vulnerabilities on internal company servers, databases, applications, and network elements enterprise wide in order to present the associated risk to the business.
Responsibilities:
Oversee the response to critical industry-wide vulnerabilities which impact company systems by analyzing the vulnerability, engaging the system owners in the business, identifying systems impacted, prioritizing remediation, ensuring remediation plans are established.
Assist with operating system, web application, database, and network vulnerability scanning as needed to support industry compliance obligations.
Realize strategic security initiatives to improve the team capabilities through automation development, processes enhancements, and infrastructure expansion.
Perform vulnerability assessment and penetration testing engagements for corporate infrastructures and new products/services encompassing network elements, operating systems, databases, and applications.
Represent the Cyber Defense team within Corporate Security as a Subject Matter Expert (SME) regarding current and emerging cyber threats, vulnerabilities, technologies, intrusion techniques, and exploit methodologies.
Collaborate with business units to define engagement parameters for penetration testing and vulnerability assessments.
Create penetration testing results reports, industry-wide vulnerability analysis reports, and similar vulnerability assessment documentation intended for risk awareness to business units and multiple levels of management.
Qualifications
Active Secret Clearance.
DoD 8570 IAT Level II (Security+CE, CCNA-Security, GSEC, SSCP) or IAM Level II Certification (CAP, CASP CE, GSLC, CISM, CISSP).
Bachelor's in Cyber Security, Information Systems Management (ISM), Computer Science, or other related fields.
Intermediate or Fully Qualified Navy Validator.
Knowledge of Federal Acquisition Regulation (FAR).
3 - 5 years of experience implementing DoD 8500 series and NIST 800 series policy/guidance.
1 year minimum hands-on experience using the following tools to include but not limited to;
o Assured Compliance Assessment Solution (ACAS),
o Enterprise Mission Assurance Support Service (eMASS),
o DISA STIG Viewer, and
o Microsoft Office Products (SharePoint, Project, Visio, Excel, Access a must).
Additional Information
All your information will be kept confidential according to EEO guidelines.
22nd Century Technologies .. We are Government Software integrators working with DoD and civilian space and are fast growing company in DoD sector with clients like US Air Force, US Navy and Army.
Find more about us at www.tscti.com .
22nd Century Technologies is an equal opportunity employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, disability, veterans status, sexual orientation, or any other protected factor.
Job Description
We are seeking an Information Security Engineer for a direct hire/permanent role in Monroe, LA. This position will be on a Cybersecurity Vulnerability Assessment team. This position will be responsible for identifying and ethically exploiting vulnerabilities on internal company servers, databases, applications, and network elements enterprise wide in order to present the associated risk to the business.
Responsibilities:
Oversee the response to critical industry-wide vulnerabilities which impact company systems by analyzing the vulnerability, engaging the system owners in the business, identifying systems impacted, prioritizing remediation, ensuring remediation plans are established.
Assist with operating system, web application, database, and network vulnerability scanning as needed to support industry compliance obligations.
Realize strategic security initiatives to improve the team capabilities through automation development, processes enhancements, and infrastructure expansion.
Perform vulnerability assessment and penetration testing engagements for corporate infrastructures and new products/services encompassing network elements, operating systems, databases, and applications.
Represent the Cyber Defense team within Corporate Security as a Subject Matter Expert (SME) regarding current and emerging cyber threats, vulnerabilities, technologies, intrusion techniques, and exploit methodologies.
Collaborate with business units to define engagement parameters for penetration testing and vulnerability assessments.
Create penetration testing results reports, industry-wide vulnerability analysis reports, and similar vulnerability assessment documentation intended for risk awareness to business units and multiple levels of management.
Qualifications
Active Secret Clearance.
DoD 8570 IAT Level II (Security+CE, CCNA-Security, GSEC, SSCP) or IAM Level II Certification (CAP, CASP CE, GSLC, CISM, CISSP).
Bachelor's in Cyber Security, Information Systems Management (ISM), Computer Science, or other related fields.
Intermediate or Fully Qualified Navy Validator.
Knowledge of Federal Acquisition Regulation (FAR).
3 - 5 years of experience implementing DoD 8500 series and NIST 800 series policy/guidance.
1 year minimum hands-on experience using the following tools to include but not limited to;
o Assured Compliance Assessment Solution (ACAS),
o Enterprise Mission Assurance Support Service (eMASS),
o DISA STIG Viewer, and
o Microsoft Office Products (SharePoint, Project, Visio, Excel, Access a must).
Additional Information
All your information will be kept confidential according to EEO guidelines.