Cybersecurity Analyst
Cybersecurity Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Bizzell US is hiring two (2) experienced Cybersecurity Analysts to provide proactive monitoring threat detection vulnerability management and incident response across FOHs enterprise IT environment. These analysts will also support Plan of Action and Milestone (POA&M) development tracking and reporting in accordance with FISMA NIST and HHS security policies.
The ideal candidate has a strong foundation in riskbased cybersecurity operations within federal civilian agencies and experience coordinating with oversight entities like HHS OCIO.
Key Responsibilities
Threat & Vulnerability Management
- Monitor FOH systems for vulnerabilities threats and anomalies using tools like Nessus Tenable or equivalent.
- Perform patch management validation and recommend remediation strategies to maintain system hardening.
Incident Response
- Lead or assist in cyber incident investigations triage and mitigation.
- Collect forensic evidence perform log analysis and coordinate with HHS OCIO and ISSO on breach response activities.
Compliance & POA&M Management
- Track and manage all identified security weaknesses through the POA&M lifecycle.
- Ensure timely remediation of vulnerabilities based on severity:
- Critical 15 days
- High 30 days
- Medium 90 days
- Low 365 days
- Coordinate input for ATO renewals security assessments and annual control testing.
Security Operations
- Support continuous monitoring endpoint protection audit log review and access control enforcement.
- Collaborate with IT support system admins and application developers to implement security controls and mitigate risks.
- Maintain compliance with FISMA NIST 80053 HHS Policy for IT Security and FedRAMP where applicable.
Reporting & Documentation
- Prepare reports for the COR ISSM/ISSO and internal stakeholders on current threats vulnerabilities and remediation progress.
- Respond to HHS data calls audits and formal security documentation requests.
Required Qualifications
- Bachelors degree in Cybersecurity Information Systems or related field.
- 3 years of handson cybersecurity experience in a federal or regulated environment.
- Strong understanding of NIST 80053 POA&M workflows and federal incident response playbooks.
- Familiarity with vulnerability management tools SIEM platforms and audit logging procedures.
Preferred Qualifications
- Active certification such as Security CEH CISSP GSEC or CAP.
- Prior experience supporting HHS or other federal health agencies.
- Experience using ServiceNow Archer GRC or similar platforms for POA&M tracking and remediation.
Work Environment
- Hybrid with core hours between 7 AM 6 PM EST; may require availability for afterhours incident response.
- Some onsite presence at Rockville MD may be required for briefings audits or system reviews.
Required Experience:
IC
Employment Type
Full Time
