Cyber Security Analyst

SEMCON provides a highly qualified, professional, and responsive technical and managerial workforce to satisfy customer requirements that support the Federal Aviation Administration (FAA)'s mission, vision, goals. SEMCON's company culture aligns enriching career experiences, growth opportunities, and collaborative engagement for all SEMCON employees resulting in a company value being greater than the sum of our parts.

We are in search of a Cyber Security Analyst to join our team working at the William J. Hughes Technical Center to conduct and analyze security assessments, perform Information Systems Security (ISS) monitoring and event detection for FAA National Airspace System (NAS) assets.

Requirements

The Cyber Security Analysts will have knowledge, skills and experience in the following areas:

Conducting/analyzing Security Assessments on various size information systems to include security testing using automated tools such as Nessus and HP WebInspect, collecting artifacts during the assessments, Experience conducting analysis of test data, reviewing security documents such as the SCD, SSP, ISCPs and SOPs, and other artifacts collected as part of the assessmentDeveloping/analyzing Security Assessment ReportsAbility to write and communicate effectively with Federal System Owners (SOs), Information System Security Officers (ISSOs), and ISS Assurance ManagersWorking with automated tools, including Nessus, HP WebInspect, MetaSploit, BurpSuite, App Detective, nMap, and Kali LinuxExperience Testing systems, running NESSUS, WebInspect and analyzing resultsKnowledge of networking and various operating systems and networking devices, including Windows, Linux, Unix, and Solaris as well as Web ApplicationsKnowledge of the system authorization process, including initial authorization and continuous monitoringKnowledge of system authorization documents, including the System Characterization Document (SCD), System Security Plan (SSP), Information System Contingency Plan (ISCP), and ISCP Test Plan/Results ReportKnowledge of the Information Security Continuous Monitoring (ISCM) Process, including selection of appropriate system security requirements to be assessed during continuous monitoringKnowledge of NIST ISS Guidance and Federal Information Security (ISS) Policy, including the Risk Management Framework (RMF)Strong understanding, and knowledge of, NIST SP 800-53 rev 4 requirements and how-to tailor requirements based on agency security policies and directivesUnderstanding of how Federal ISS requirements are applied during all phases of the system acquisition life-cycle, including acquisitions of Federally owned and operated systems, and Vendor owned and operated systemsUnderstanding and knowledge of the FAA National Airspace System (NAS) and NAS operationsUnderstanding and knowledge of NAS technical operations maintenance processes and proceduresUnderstanding and technical knowledge of air traffic controls systems, including communications, navigation, surveillance, and automation systems

Excellent organizational, verbal/written communication and presentation skills are a must. Familiarity, understanding and knowledge of the FAA National Airspace System (NAS) and NAS operations is desired.

A US Associate's Degree in a technical field, such as Engineering, Computer Science or Cybersecurity plus Security related certification (CISSP, GCED, CASP, CISA) and 5+ years of relative work experience is required, along with the ability to obtain a Secret Level Security Clearance.

SEMCON offers a competitive salary and complete benefits package which includes health benefits (medical, dental, vision, and life), 401K with a generous employer match, paid time off, and paid holidays.
#J-18808-Ljbffr