Cybersecurity Analyst Engineer
Garud Technology Services, Inc. (GTS) is in search of a motivated, self-driven Cybersecurity Analyst Engineer that works well independently and is interested in working with Major Automated Information Systems (MAIS). Applicants must have a passion for their work, be innovative, and possess strong verbal and written communication and analytic skills. Candidates are expected to be focused and solution-oriented individuals. They must have experience with Department of Defense (DOD) and/or Department of Homeland Security (DHS) cybersecurity compliance and cyber resilience T&E requirements and processes, and in the evaluation of system security using approved tools and industry best practices. If you are interested in having a direct impact on matters dealing with homeland and national security, this position is for you! Under the guidance of the program manager, the Cybersecurity Analyst Engineer will lead the testing and evaluation of system cyber resilience for MAIS upgrades that support business flow, resource planning, and data reporting. This individual is expected to leverage expertise in cybersecurity to plan and prioritize tasks and coordinate government participation in operational test events, to oversee testing, and to analyze test results. The Cybersecurity Analyst Engineer prepares reports of test results to include summaries of demonstration events, final test reports, and makes recommendations to improve system cybersecurity and cyber resilience posture.
Responsibilities & Duties
- Support and facilitate cyber resilience testing activities as directed and provide quality deliverables.
- Develop the Cyber Resilience Operational Test and Evaluation (OT&E) Strategy.
- Review the Test and Evaluation Master Plan (TEMP) and provide comments on the planned approach to cybersecurity testing.
- Identify test measures and test methods for cyber resilience testing for inclusion in the TEMP and the Cyber Resilience Test Plan.
- Develop resource requirements to support cyber resilience testing.
- Develop detailed test scripts to guide cyber resilience test events.
- Coordinate resources and oversee cyber resilience testing.
- Collect, reduce, analyze and archive cyber resilience test data.
- Prepare reports summarizing results of cyber resilience testing.
- Serve as the Senior Subject Matter Expert for cyber resilience testing.
- Work in a cross-functional environment and with multiple internal and external stakeholders, coordinating, communicating and implementing customer requirements.
- Demonstrate proficiency with Microsoft Office suite, MS Access and Excel, etc..
- Employ excellent written and verbal communication skills.
A bachelor’s degree in Information Technology or related field.
Must have 5 to 7 years of combined professional experience relevant to cybersecurity for DOD and /or DHS Security systems/networks, ideally as an IT Security Engineer, CISO, CSO, ISSM, ISSO or similar. A portion of this experience may be satisfied by experience in IT system administration, software development, or oversight of computer network defense. Must exhibit a high degree of initiative and critical thinking skills in order to manage multiple priorities simultaneously in a fast-paced, deadline-driven, detail-oriented work environment. Must possess strong analytical, oral and written communication, and interpersonal skills. Be an excellent technical writer with the ability to develop reports and graphs based on the data analysis. Strong Microsoft Access, Excel, Word, and PowerPoint skills and knowledge of software tools for penetration testing are a must.
Washington, DC occasionally, on-site at client site. The majority of work will be performed off-site, working distributed and independently. Some travel may be required.
Citizenship and Security Clearance Requirements
Applicants must have a US citizenship. Successful applicants will need to successfully complete a background investigation (BI) prior to beginning work. Nothing in applicants’ history should prevent them from obtaining a security clearance. Persons with an existing BI for DHS Federal Emergency Management Administration (FEMA) and US Customs and Border Patrol (CBP) are preferred.
- CISSP (preferred).
- Knowledge of current DOD and/or DHS guidance for cyber resilience testing.
- Knowledge of capabilities and procedures for use of cybersecurity ranges, labs and other resources.
- Knowledge the Risk Management Framework (RMF) for cybersecurity.
- Ability to evaluate and assess Security Plans, Security Assessment Plans, Cybersecurity Strategy, Program Protection Plan, Security Assessment Reports, RMF Plan of Action and Milestones, scan results from various enumeration and vulnerability scanning tools.
- Ability to develop a strategy and budget resources for cyber resilience testing (i.e., Table Top Assessment, Cooperative Vulnerability and Penetration Assessment (CVPA) and Adversarial Assessment (AA)) in a mission context with a representative threat and operating environment.
- Ability to deliver cyber resilience portions of the TEMP. The TEMP should detail how testing will provide the information needed to assess cyber resilience and inform acquisition decisions.
- Ability to develop test plans for cyber resilience testing in IT&E and OT&E. This includes evaluation of capability to be resilient (i.e., protect, detect, react and restore) to sustain operations. in a cyber-contested environment. Plans should leverage system cybersecurity compliance artifacts (i.e., RMF security control assessments) to help resolve cyber resilience requirements.
- Ability to plan and execute vulnerability and adversarial testing.
- Ability to develop an Integrated Evaluation Framework.
- Ability to prepare executive briefs summarizing cybersecurity testing plans, progress and results.
Immediately – This is a Full-Time, funded position.
Will be commensurate with experience. GTS has highly competitive benefits, excellent development opportunities and a great working environment. For more information on benefits follow the link: https://www.garudtechnology.com/work-with-us/careers/.
Garud Technology Services, Inc. (GTS), is a Maryland-based, Woman Owned Small Business (WOSB), and a highly-specialized provider of Technical and Professional services to organizations with demanding requirements. Our portfolio of customers includes the Department of Defense (DoD), Department of Education (ED), Department of Homeland Security (DHS), Department of Transportation (DOT) and federal, state and local authorities tasked with developing and fielding cutting-edge technologies. Our team includes engineers, scientists and Subject Matter Experts with hard-to-find experience and qualifications, and we apply industry accepted quality processes that include CMMI-DEV (Level II Appraised). ISO-9001 & 14001:2015 and ISO/IEC 20000-1:2011 & 27001:2013 (Certified). Learn more about GTS at www.garudtechnology.com.