Cyber Analyst (CSSP)

General Summary:
Performs system monitoring and analysis support for the detection of cyber incidents and provides recommendations on how to correct findings.

Principal Duties and Responsibilities (*Essential Functions):

Analyzes network data using packet capture analysis, network flow analysis, as well as Cloud Logs to identify and report on potential security incidents.
• Assists customers with remediation of a wide range of cybersecurity issues including vulnerabilities, misconfigurations, cyber incidents, and non-compliance.
• Familiar with encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research.
• Provides analysis, recommendations, and verification to achieve acceptable mitigation of security incidents.
• Generate and publish monthly reports providing customers with a summary of their cyber security posture. As well as track customers with consistent issues.
• Conducts daily review of open vulnerabilities using both Network and Endpoint based security solutions, reporting on high risk findings and tracking mitigation efforts until resolved.
• Enforce endpoint quarantine policies on extremely high risk devices using Endpoint Security Solution.
• Assist customers in preparing for upcoming cyber security posture assessments by providing overview of topics covered by assessment, and coordinating with customer and other operational teams to mitigate potential high risk findings observed on the site's network.
• May interface with external entities (e.g. law enforcement, intelligence/government agencies, etc.)

At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our "Family of Professionals!" Learn about our employee-centric culture and benefits here .

Required Experience

Required Qualifications

• Bachelor's degree or higher in a related field
• Minimum of 1-4 years of related experience
• Active CompTIA Security+CE certification
• Strong written and verbal communication skills
• Ability to communicate and present information to customers at varying levels of technical detail.
• Comfortable working in a constantly adapting and changing environment that may require learning new skills and the ability to adjust priorities.
• Basic knowledge of Computer Network Defense activities to include standard cyber-defense Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), network monitoring, packet capture analysis, network flow analysis, network proxy operation, firewalls, and anti-virus capabilities.
• Basic knowledge of vulnerability and risk management techniques in a cyber security setting, including handling risk/severity-based prioritization and decision making.
• US Citizenship Required; must be able to obtain an interim DoD clearance prior to start.

Preferred Qualifications

• Experience analyzing alerts using PCAPs and/or cloud logs, as well as an understanding of network threats, potential network exploitation, and methods to defend against potential malicious activity
• Proficiency in Office 365 tools at a professional level
• Experience using vulnerability scanning solutions such as Tenable Nessus
• Experience using data presentation/automation tools such as PowerBI or Tableau
• Experience assessing Security Technical Implementation Guide (STIG) findings
• Experience working with Endpoint Security Solutions such as Trellix or Microsoft Defender Endpoint
• Experience handling risk/severity-based prioritization and decision making
• CySA+ or CEH certification
• Top Secret Clearance

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.