Cyber Security Analyst

Bethesda, MD - USA

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

Hoplite Solutions is seeking a Cybersecurity Analyst to help support the organizations cybersecurity program by implementing and maintaining security operations at both tactical and operational levels. This role helps ensure that security controls are operating effectively across key areas including security logging monitoring alert management incident response vulnerability management and configuration management.
The analyst will work closely with multidisciplinary teamsincluding Information Systems Security Engineers (ISSEs) Information Systems Security Managers (ISSMs) software developers and systems engineers to strengthen the security posture of mission systems. Throughout the DevSecOps lifecycle the candidate will assist in developing implementing and maintaining robust security strategies that protect mission-critical systems data and infrastructure while ensuring compliance with organizational and federal cybersecurity requirements.

Primary Responsibilities:

Monitor system and network security using Security Information and Event Management (SIEM) tools such as Splunk Enterprise Security to detect analyze and respond to potential threats or anomalous activity.
Conduct routine vulnerability scans provide formal and informal reports to technical teams and track remediation efforts to closure.
Investigate and respond to cybersecurity incidents including system or network breaches and malware attacks and support digital forensic investigations as needed.
Research and evaluate emerging cybersecurity threats and mitigation strategies; proactively identify security weaknesses and vulnerabilities; and audit systems to ensure secure configurations.
Audit systems configuration to ensure compliance with established cybersecurity policies standards and secure configuration baselines.
Continuously monitor security advisories bulletins and industry threat intelligence to stay informed of current vulnerabilities threats and trends.
Participate in data analysis and root cause analysis following service-impacting incidents and providing recommendation for corrective actions and security improvements.
Collaborate with technical teams developers and customer leadership to strengthen the overall security posture of the supported systems.
Provide risk-based recommendations to customers after reviewing the overall risk posture of sponsored assets as part of the Risk Management Framework (RMF) and Authority to Operate (ATO) processes.
Manage and track customer-sponsored assets Plans of Action and Milestones (POA&Ms) by coordinating with key security stakeholders (ISSO ISSE ISSM SCA) throughout the post-authorization lifecycle.

Basic Qualifications:

Experience utilizing and tuning Splunk Enterprise Security (or similar SIEM platforms) to analyze cybersecurity audit and event logs identify notable events and optimize alerting rules.
Experience reviewing published vulnerabilities (e.g. CVEs) and determining potential impact by analyzing system logs and indicators of compromise to detect active exploitation
Experience documenting findings and results following security data calls incident investigations or vulnerability assessments
Experience supporting incident detection incident response forensic investigations and incident response plan execution.
Experience coordinating with security personnel and recommending mitigation strategies to reduce risk and strengthen system security.
Experience identifying vulnerabilities and non-compliance with cybersecurity standards security policies and regulatory requirements.
Experience collaborating with DevSecOps teams to analyze vulnerability scan results and support remediation of identified security findings.
Experience managing and maintaining a library of security audit tools and processes used for system security testing internal audits incident response and troubleshooting security-related issues.
Experience performing and maintaining vulnerability scans using customer-approved tools and generating reports detailing risk findings and remediation progress.
Experience reviewing Risk Management Framework (RMF) documentation and providing feedback to ensure completeness and compliance with security requirements.
Strong analytical problem-solving and organizational skills with exceptional attention to detail.
Education/Experience: Bachelors degree and 812 years of relevant experience or an equivalent combination of education and professional experience in lieu of a degree.
To be considered must have an active TS/SCI with polygraph security clearance

Preferred Qualifications:

Familiar with SEIM platforms
Experience with RHEL
Experience with additional security tools such as Rapid7 Tenable/Nessus HBSS/Trellix Wireshark Static analysis (SAST) and dynamic analysis (DAST) tools or endpoint detection and response (EDR) platforms.
Familiarity with NIST cybersecurity frameworks including NIST SP 800-53 RMF processes and federal compliance standards.
Experience supporting cloud security monitoring and compliance within AWS Azure Oracle (OCI) or Google Cloud environments.
Professional cybersecurity certifications such as Security CISSP CySA CEH or GCIH.
Experience developing or supporting security dashboards reporting metrics or threat-hunting activities.

At Hoplite Solutions we pride ourselves on offering competitive salaries and a comprehensive benefits package. This includes full coverage for health dental and vision insurance for both individuals and families along with 100% coverage for life insurance long-term and short-term disability. Additionally we match up to 7% of employees contributions to their 401(k) funds and follow the federal holiday calendar for paid holidays. With 4 weeks of paid time off and $5000 yearly for education assistance or technical training were dedicated to supporting our employees professional and personal growth.

Required Experience:

Manager

Monitor system and network security using Security Information and Event Management (SIEM) tools such as Splunk Enterprise Security to detect analyze and respond to potential threats or anomalous activity.
Conduct routine vulnerability scans provide formal and informal reports to technical teams and track remediation efforts to closure.
Investigate and respond to cybersecurity incidents including system or network breaches and malware attacks and support digital forensic investigations as needed.
Research and evaluate emerging cybersecurity threats and mitigation strategies; proactively identify security weaknesses and vulnerabilities; and audit systems to ensure secure configurations.
Audit systems configuration to ensure compliance with established cybersecurity policies standards and secure configuration baselines.
Continuously monitor security advisories bulletins and industry threat intelligence to stay informed of current vulnerabilities threats and trends.
Participate in data analysis and root cause analysis following service-impacting incidents and providing recommendation for corrective actions and security improvements.
Collaborate with technical teams developers and customer leadership to strengthen the overall security posture of the supported systems.
Provide risk-based recommendations to customers after reviewing the overall risk posture of sponsored assets as part of the Risk Management Framework (RMF) and Authority to Operate (ATO) processes.
Manage and track customer-sponsored assets Plans of Action and Milestones (POA&Ms) by coordinating with key security stakeholders (ISSO ISSE ISSM SCA) throughout the post-authorization lifecycle.

Basic Qualifications:

Experience utilizing and tuning Splunk Enterprise Security (or similar SIEM platforms) to analyze cybersecurity audit and event logs identify notable events and optimize alerting rules.
Experience reviewing published vulnerabilities (e.g. CVEs) and determining potential impact by analyzing system logs and indicators of compromise to detect active exploitation
Experience documenting findings and results following security data calls incident investigations or vulnerability assessments
Experience supporting incident detection incident response forensic investigations and incident response plan execution.
Experience coordinating with security personnel and recommending mitigation strategies to reduce risk and strengthen system security.
Experience identifying vulnerabilities and non-compliance with cybersecurity standards security policies and regulatory requirements.
Experience collaborating with DevSecOps teams to analyze vulnerability scan results and support remediation of identified security findings.
Experience managing and maintaining a library of security audit tools and processes used for system security testing internal audits incident response and troubleshooting security-related issues.
Experience performing and maintaining vulnerability scans using customer-approved tools and generating reports detailing risk findings and remediation progress.
Experience reviewing Risk Management Framework (RMF) documentation and providing feedback to ensure completeness and compliance with security requirements.
Strong analytical problem-solving and organizational skills with exceptional attention to detail.
Education/Experience: Bachelors degree and 812 years of relevant experience or an equivalent combination of education and professional experience in lieu of a degree.
To be considered must have an active TS/SCI with polygraph security clearance

Preferred Qualifications:

Familiar with SEIM platforms
Experience with RHEL
Experience with additional security tools such as Rapid7 Tenable/Nessus HBSS/Trellix Wireshark Static analysis (SAST) and dynamic analysis (DAST) tools or endpoint detection and response (EDR) platforms.
Familiarity with NIST cybersecurity frameworks including NIST SP 800-53 RMF processes and federal compliance standards.
Experience supporting cloud security monitoring and compliance within AWS Azure Oracle (OCI) or Google Cloud environments.
Professional cybersecurity certifications such as Security CISSP CySA CEH or GCIH.
Experience developing or supporting security dashboards reporting metrics or threat-hunting activities.

Required Experience:

Manager

Key Skills

Apply Now

About Company

Hoplite Solutions

Hoplite Solutions delivers a range of services throughout Information Technology, Engineering and Project Management to keep your projects running smoothly.

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click