Cyber Security Analyst
CurrentProvide Cybersecurity Compliance auditing support of unclassified and classified networks and systems to support preparations for Command Cyber Readiness Inspections Command Cyber Operational Readiness Inspections, Department of Defense or Department of the Navy Inspector General inspections, internal cyber inspections conducted internally or by authorized external government agencies or contractors. Assess and document the cybersecurity posture for applicable networks and systems. Execute audits on information systems and operating procedures, in accordance with established standards for efficiency, accuracy and security. Evaluates IT infrastructure in terms of risk to the Enterprise and establishes controls to mitigate loss. Determine and recommend improvements in current risk management controls and implementation of system changes or upgrades.Verify existing systems and networks cybersecurity compliance status by following the Joint Force Headquarters-DoD Information Networks Computer Network Defense Guide, Contributing Factors Guide. Analyze scan results to identify vulnerabilities using Tenable Security Center (Assured Compliance Assessment Solution scanning and reporting alongside the Best Practices Guide to recommended immediate remediation. Verify integrity of discovery scans through comparison of network diagrams, hardware/software lists, and network address declaration. Work with Program of Record, and subject matter experts to ensure security solutions are IAW DoD policy. Participate in CCRI and Cyber Security Inspections. Verify systems and devices configurations and compliance are in accordance with DISA Security Technical Implementation Guides and Security Content Automation Protocol. Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance. Review local policies to ensure they are aligned with DoD requirements.