Senior Cyber Security Analyst
Reston, Virginia, Us
• Leading security control assessments utilizing cyber security and information systems security (INFOSEC) technical knowledge in accordance with NIST SP 800-53 revision 4 and the Risk Management Framework (RMF) as part of the Information Assurance (IA) team.• Providing technical knowledge and dissemination of information in a team environment by interpreting NIST and FISMA regulations. Training system owner support analysts how to remediate vulnerability findings in their systems post-assessment, and using BMC Remedy ticketing system.• Assessing and documenting Virtual Machines, Windows and Linux systems deficiencies while creating written reports of unresolved vulnerabilities.• Peer reviews of team member’s work, mentoring team members, and working professionally with clients on-site.• Meeting with executives discussing system level vulnerabilities with relationship to custom government applications, cloud systems, security applications, web applications, and cross-domain solutions.• Develop a new and improved risk calculus methodology based on NIST SP 800-30 and NIST SP 800-39 to assess risk ratings, and vulnerability ratings to systems as part of the clients risk management strategy team.• Lead recruiting efforts including resume review, phone and in-person interviews for cyber security analysts.• Discover cutting edge end-point security solutions; write whitepapers, and present to stakeholders.• Review Mcafee Vulnerability Manager scanning results, .VMX files, Windows 2008 Server/IIS 7.0/SQL Server security configuration settings.• Evaluating System Security Architecture and reviewing system design documentation such as Security Plans, Information System Contingency Plans, and Configuration Management Plans.