Cyber Security Analyst

We are seeking an Information Security Engineer for a direct hire/permanent role in Monroe, LA.  This position will be on a Cybersecurity Vulnerability Assessment team. This position will be responsible for identifying and ethically exploiting vulnerabilities on internal company servers, databases, applications, and network elements enterprise wide in order to present the associated risk to the business. 

Responsibilities:

· Oversee the response to critical industry-wide vulnerabilities which impact company systems by analyzing the vulnerability, engaging the system owners in the business, identifying systems impacted, prioritizing remediation, ensuring remediation plans are established.

· Assist with operating system, web application, database, and network vulnerability scanning as needed to support industry compliance obligations.

· Realize strategic security initiatives to improve the team capabilities through automation development, processes enhancements, and infrastructure expansion.

· Perform vulnerability assessment and penetration testing engagements for corporate infrastructures and new products/services encompassing network elements, operating systems, databases, and applications.

· Represent the Cyber Defense team within Corporate Security as a Subject Matter Expert (SME) regarding current and emerging cyber threats, vulnerabilities, technologies, intrusion techniques, and exploit methodologies.

· Collaborate with business units to define engagement parameters for penetration testing and vulnerability assessments.

· Create penetration testing results reports, industry-wide vulnerability analysis reports, and similar vulnerability assessment documentation intended for risk awareness to business units and multiple levels of management.

• Active Secret Clearance.
• DoD 8570 IAT Level II (Security+CE, CCNA-Security, GSEC, SSCP) or IAM Level II Certification (CAP, CASP CE, GSLC, CISM, CISSP).
• Bachelor’s in Cyber Security, Information Systems Management (ISM), Computer Science, or other related fields.
• Intermediate or Fully Qualified Navy Validator.
• Knowledge of Federal Acquisition Regulation (FAR).
• 3 – 5 years of experience implementing DoD 8500 series and NIST 800 series policy/guidance.
• 1 year minimum hands-on experience using the following tools to include but not limited to; o Assured Compliance Assessment Solution (ACAS), o Enterprise Mission Assurance Support Service (eMASS), o DISA STIG Viewer, and o Microsoft Office Products (SharePoint, Project, Visio, Excel, Access a must).

All your information will be kept confidential according to EEO guidelines.