Trilogy FederalRemote
Cyber Security Analyst
Virginia, United States of America
Full Time
2 weeks ago
$103,000 - $118,000 USD
Visa Sponsor
Key skills
Cyber SecurityPenetration Testing
About this role
Role Overview
- Perform ongoing vulnerability scanning, penetration testing, code review, and remediation in line with NIST SP 800-53 and related standards.
- Develop, document, review, and maintain Assessment & Authorization (A&A) artifacts, including security plans, risk assessments, and Plan of Action and Milestones (POA&M), supporting ATO submissions and renewals.
- Respond to, analyze, and report on security events and incidents, including notification to stakeholders within strict timeframes. Remediate security vulnerabilities within specified periods according to severity.
- Ensure compliance with Federal, VA, FISMA, NIST, HIPAA, Privacy Act, and organizational security and privacy directives.
- Complete mandatory and additional annual privacy and security training as required.
- Coordinate with VA technical staff, ISSOs, and integration teams to ensure proper migration, deployment, and operational support for new or updated systems.
- Provide support for the implementation of security controls on operating systems, application code, network infrastructure, and endpoints. Participate in audits and assessments, and provide evidence of compliance as requested.
- Monitor, track, and report on key security KPIs including vulnerability remediation timeframes, incident resolution metrics, and system security posture.
- Proactively apply OS and application patches; validate and report the effect of third-party patches.
- Develop and maintain robust operational and incident response documentation, participate in after-action reviews, and contribute to lessons learned for continuous process improvement
Requirements
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related discipline; equivalent practical experience may be considered.
- Minimum of 10 years of progressive experience in cyber security operations, risk assessment, vulnerability management, or information security compliance.
- Demonstrated knowledge of and experience with relevant federal cybersecurity standards.
- Experience conducting and reporting on vulnerability assessments, penetration testing, and security control testing.
- Familiarity with security tools including but not limited to Static Application Security Testing (SAST) tools (e.g., Micro Focus Fortify), penetration testing suites, SIEM/monitoring platforms.
- Experience supporting ATO and A&A processes, and maintaining compliance documentation in regulated environments.
- Understanding of DevSecOps practices and principles; collaborative experience with development, operations, and compliance teams.
- Ability to manage multiple applications.
- Ability to obtain a Public Trust Clearance.
Tech Stack
- Cyber Security
Benefits
- Health, dental, and vision plans
- Optional FSA
- Paid parental leave
- Safe Harbor 401(k) with employer contributions 100% vested from day 1
- Paid time off and 11 paid holidays
- No cost group term life/AD&D plan, and optional supplemental coverage
- Pet insurance
- Monthly phone and internet stipend
- Tuition and training reimbursement