Security Analyst

Required consultant experience provided by Contractor shall include:

At least 6 years of experience using information security tools to identify vulnerabilities in custom application code commercial software system configurations and networks such as vulnerability scanners endpoint detection and response (EDR) platforms security information and event management (SIEM) solutions firewalls port scanners intercept proxies log parsers IDS/IPS solutions etc.

At least 8 years of combined IT network and security work experience with a broad range of exposure such as systems analysis digital forensics networking web filters web application vulnerability assessments application development database design and/or system administration.

Experience in working with third parties to coordinate monitor respond to and coordinate cybersecurity threats incidents mitigations and response cycles.

Experience creating modifying and analyzing scripts such as PowerShell and Python.

Experience creating policy procedure and working documents at a high level of proficiency.

Ability to communicate technical information to broad audiences verbally and in writing.

Ability to establish and maintain effective working relationships with cross functional teams.

Experience working independently and as a project team member in security administration.

Ability to contribute to the capability development and team rapport of the Department s Security Operations Center.

Experience working in a NIST Cybersecurity Framework aligned security program.

Preferred Experience:

Hold active information security certifications such as: CEH CISSP CISA CISM CCNP CCIE Security GCIA etc.

Experience in IT security related to application development and code reviews.

Experience as a project team leader in security administration.

Experience creating automated processes.

Experience leveraging artificial intelligence in attack detection analysis and response processes.

Knowledge of the MITRE ATT&CK framework.