Requisition Number: 19-3737
Title: Security Analyst
City: Herndon
State: VA
Description: At K12, we recognize the critical nature of information security and the need to demonstrate administrative, technical, and physical safeguards to help ensure the confidentiality, integrity, and availability of student/teacher records and intellectual property. Responsible for implementing leading security and governance practices, procedures and controls to protect K12’s information assets and ensure compliance with applicable regulatory requirements. Systems Compliance Manager performs SOX audits, internal audit, security risk assessments, information governance, privacy, security awareness, and/or cybersecurity maturity assessments.

As Security Analyst, you will join a small group focused on detecting and preventing cyber threats to K12. You have core skills and experience in detecting and responding to security incidents. You enjoy installing, administering and troubleshooting a wide range of security solutions to cover desktops and servers, on-premises data centers and AWS cloud. You will identify weaknesses in our infrastructure and applications and work with technical leaders across the company to identify practical means to reduce K12’s risk posture. You will have opportunities to gain experience in pen testing, intrusion detection, and auditing. Your expertise and integrity will be leveraged to respond to bad actors as well as legal and HR-initiated support requests.

• Establish plans and protocols to protect sensitive data and ensure availability and integrity of K12’s online school services.
• Perform vulnerability testing, network scanning, risk and security assessments.
• Assist in the collection of system information and procedures required by internal and external audits and examinations; assist in drafting responses to audits.
• Conduct security audits and make security policy recommendations.
• Perform vendor risk assessments as assigned. Work with vendors and business owners to gather documentation and develop vendor remediation plans.
• Perform real-time and proactive analysis on various data sources, such as anti-virus logs, web and network firewall logs, IDS & IPS data, event logs, and other host-based and network-based artifacts.
• Report threats and vulnerabilities to K12 infrastructure and application teams. Keep abreast of the latest security issues and identify mitigation actions.
• Manage, configure and support security tools for access, endpoints, network, datacenter and cloud including encryption, identity and access management, firewalls, anti-virus software, network and host intrusion detection and prevention systems.
• Design and present security education and awareness training.
• Develop and update technical best-practice SOPs and runbooks.
• Use technology to facilitate eDiscovery.
• Member of the SIRT (Security Incident Response Team) to conduct technical analysis against impacted systems to determine impact, scope, and recovery from active and potential cyber incidents.
• Bachelor’s degree in Computer Science, Information Systems, Information Security & Assurance, Information Technology, or related field required AND
• Minimum of four years of experience in network and/or security administration OR
• Equivalent combination of education and experience
Certificates and Licenses:
• McAfee product certifications, Certified McAfee Security Specialist ePO (CMSS-ePO) and Certified McAfee Security Specialist HIPS (CMSS-HIPS), preferred, but not required
• SANS GCIA, GCED, GPEN, GCIH, or CISSP Certifications preferred, but not required
• Preferred: AWS “Associate” level certification (one of AWS Certified Solutions Architect - Associate, AWS Certified SysOps Administrator - Associate, or AWS Certified Developer - Associate) or equivalent experience
• Hands-on operational experience as a cybersecurity analyst/engineer in a security operations center required.
• McAfee ePO, HIPS, VirusScan, Web Gateway, DLP (host & network)
• Automation scripts in PowerShell, Perl, Ansible, and/or SQL
• Desktop management solutions such as KACE, Ivanti, MS Intune, Active Directory and Group Policy Management
• COTS and open source infrastructure vulnerability management tools
• COTS and open source dynamic application scanning tools
• Knowledge of cybersecurity attack methodology to include tactics and techniques, and associated countermeasures for adversarial activities such as malicious code, DDoS, phishing, ransomware, botnets, command and control (C2) activity, etc.
• Skills analyzing and responding to security events and incidents using technologies such as security information and event management (SIEM) technologies, intrusion detection/prevention systems (IDS/IPS), network- and host-based firewalls, network access control (NAC), data leak protection (DLP), database activity monitoring (DAM), web and email content filtering, vulnerability scanning tools, endpoint protection, secure coding, etc.
• Cyber metrics development, maintenance and reporting
• Sound communication skills: able to clearly present information through the spoken or written word; reads and interprets complex information; conveys information effectively; listens well. Ability to discuss complex technical issues with laypersons as well as highly technical individuals
• Ability to pass required background check
• Knowledge of AWS security tools including CloudTrail, CloudWatch, AWS Config, IAM, and KMS.
• Analysis of threat intelligence (e.g., exploits, IOCs, hacking tools, vulnerabilities, threat actor TTPs) to identify cybersecurity threats and derive countermeasures, not previously ingested into network security tools/applications, to apply protections for the network
• Ability to build and implement event correlation rules, filters, logic, and content in the security information event management (SIEM) system
• GRC management tools such as Quantivate, MetricStream, Archer, etc.
• Dynamic application security testing tools such as Acunetix or Netsparker
• eDiscovery tools for Exchange and Office365.
