Cyber Security Analyst

Description

The Cyber Security Analyst provides Operational and Compliance expertise for all facets of the Information Technology Program. Applies specialized knowledge and expertise in formulating and implementing plans, programs, policies, and systems appropriate to various threat situations and local conditions. Must be able to use analytical skills to solve problems and establish priorities to achieve high-quality results. The Cyber Security Analyst will support the Information Technology Program in Vulnerability Management, Incident Response, Security Engineering, and Cyber Compliance-related efforts.

Responsibilities:

• Supports the Cyber Security and Information Technology programs, reporting to the Cyber Site Lead (ISSO), Cyber Manager (ISSM), and IT Program Manager.
• Interacts on a regular basis with all levels of contractor management.
• Coordinates investigative activities with appropriate management, formulates written reports, and presents oral briefings on Incidents of Security Concern (IOSC).
• Conducts audits or surveys of security programs and provides assistance and consulting services to all departments.
• Ensures all changes to systems are performed in accordance with configuration controls.
• Researches, documents, and implements software application security requirements, and works with userbase to ensure effective use of applications.
• Shares technical knowledge and works closely with the technical administrators (systems, networks, database, etc.) to provide mutual support.
• Schedules, performs, and monitors various scans and tests within the computing environment in order to identify vulnerabilities, configuration errors, and areas for improvement and general debugging.
• Gathers metrics on a daily, weekly, and monthly basis to drive discussion and decision-making with management, team members, and end-users.
• Develops and maintains user manuals, guides, work instructions, procedures, and other technical and non-technical documentation.
• Participates in the design and implementation of systems, policies, and procedures for disaster recovery and data archiving to ensure effective protection and integrity of data assets.
• Remain conversant with the industry’s computer security technology and practices.
• Maintains a safe working environment. Demonstrates awareness and implementation of applicable environmental, safety, and health (ES&H) requirements while also alerting coworkers of such requirements as needed.

Basic Qualifications:

• Bachelor’s degree and 2 years of related IT/Cyber experience; or, high school diploma/equivalent plus at least 4 years of IT/Cyber experience;
• Must be able to obtain and maintain a U.S. Department of Energy (DOE) security clearance at a Q level.
• Must be a U.S. citizen
• Proficiency in supporting the various components, teams, and processes associated with an enterprise IT environment, with specific emphasis on supporting US Government computing environment standards and infrastructure concepts.
• Proficiency in technical and non-technical communications; ability to collaborate with technical staff and customers driving process improvement.
• Must work 2-4 days onsite in Paducah, KY, and 1-2 days telework.

Preferred Qualifications:

• Knowledge of U.S. Department of Energy (DOE) directives, policies, and procedures pertaining to sensitive information, computing, cybersecurity, information technology, etc.
• IT/Cyber technical certifications are highly preferred
• Related industry-recognized certifications in the Cyber and IT field; Security+, CySA+, CEH, CISSP, CISM, and other professional-level certifications are highly desired.
• Active TOP SECRET or DOE Q clearance preferred; ability to be subjected to and pass a thorough background investigation prior to employment

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.