Cybersecurity Analyst

About us:

BDR Solutions, LLC, (BDR) supports the U.S. Federal Government in successfully achieving its mission and goals. Our service and solution delivery starts with understanding each client's end-state, and then seamlessly integrating within each Agency's organization to improve and enhance business and technical operations and deployments.

(Military Veterans are highly encouraged to apply)

Role Overview:

As a Cybersecurity Analyst, you will support the security program to ensure assets are protected and assess/manage the security environment through the implementation of new security technologies and controls. To be successful in this role, you will need to have Proficiency in Microsoft Excel for data analysis, reporting, and visualization, strong Splunk and scripting experience. You will also need to have experience in presenting vulnerability information in a way that shows vulnerability trends for a given application, platform, or specific type of technology.

Work Location: Hybrid (minimum 3 days onsite a week) - Washington, DC

Responsibilities:

Daily responsibilities may include:

• Monitor and analyze security alerts from various sources (SIEM, IDS/IPS, firewalls, endpoint protection).
• Produce daily, weekly, monthly, or quarterly vulnerability reports that track critical, high, medium, and low categorized vulnerabilities in a way that shows actionable date such as a given percent an given platform or vulnerability category has risen or been remediated.
• Investigate and respond to security incidents, ensuring timely containment and remediation.
• Perform vulnerability assessments and recommend mitigation strategies.
• Maintain and update security documentation, including incident reports and playbooks.
• Collaborate with IT teams to implement security controls and best practices.
• Conduct threat intelligence research to identify emerging risks and attack vectors.
• Support compliance efforts with relevant frameworks (e.g., NIST, ISO 27001, etc).
• Assist in security awareness training for employees.
• Participate in regular security audits and risk assessments.
• Provide recommendations for improving overall security posture.
• Proactively work with engineering, operations, development, and customers to maintain practices that meet defined policies and standards for information security
• Conduct continuous assessment of current technology architecture for vulnerabilities, weaknesses and other risks
• Support information security audits performed internally by the organization or third-party personnel
• Coordinate, detect, measure, and report on the technical aspects of security processes and operational components of incident management
• Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk
• Ensure audit trails, system logs and other cybersecurity monitoring data sources are configured in accordance with cybersecurity policy and accessible to necessary parties for review and compliance
• Support, coordinate, and adhere to security-testing procedures to verify the security of systems, networks and applications, and support the remediation of identified vulnerabilities
• Liaise among internal teams and external vendors to ensure compliance and a strong security posture
• Consult with IT staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software
• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies
• Implement and maintain Splunk / Tenable platform infrastructure and configuration as well as support day-to-day operational and user support
• Customize Splunk queries and service help desk requests for Splunk / Tenable platform system-related assistance
• Conducts advanced searching, forensics, and analytics utilizing security tools in support of cybersecurity tasks

Required Minimum Qualifications:

• Eligible for a DOD Top Secret clearance SCI
• One or more Information Security Certifications (i.e Security+, CEH, CISSP, CISA, CISM, CBCP, or GIAC)
• Bachelor in Cybersecurity or similar field
• A minimum of 3 years of IT experience, with at least 3 years in an information security role and at least 3 years of experience with Splunk Enterprise
• A strong understanding of the business impact of security tools, technologies, and policies
• Analytical skills, and high-level problem-solving skills that allow for effective and efficient resolution to many complex information security issues
• Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint, Outlook) for documentation, reporting, and presentations
• Excel: Pivot tables, formulas, data analysis, data visualization for reporting
• Word: Professional documentation and formatting
• PowerPoint: Creating clear and engaging presentations
• Outlook: Efficient email and calendar management
• Able to complete responsibilities in a timely, professional, and quality manner
• Collaborative and effective team player and able to express oneself clearly and in technical and non-technical terms to a globally dispersed team
• Ability to translate specific goals into action and follow through to achieve goals and take initiative, seek and act on opportunities to improve organization performance
• You do not need to possess 100% of these qualities to be considered
• You must be available to work onsite as required by job

In addition, U.S Citizenship is required. Select applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information and be able to obtain a government-granted security clearance. Individuals may also be subject to a background investigation including, but not limited to criminal history, employment and education verification, drug testing, and creditworthiness.

BDR is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, marital status, disability, veteran status, sexual orientation, or genetic information.