S&K Logistics Services Senior Cyber Security Analyst in Aiken, South Carolina
S&K Logistics Services, LLC (SKLS), a member of the S&K Technologies Family of Companies owned by the Salish and Kootenai Tribes, is actively seeking a Senior Cyber Security Analyst. The salary range for this position is $120K - $140K. The Senior Cyber Security Analyst assists with the design and implementation of IT Security Systems to protect organization’s Information Networks from cyber-attacks and help develop organization wide best practices for information security. The Senior Analyst is also responsible for conducting/leading risk assessments and participating in and supporting Security Assessments and Audits. This position provides cyber security support for the Enterprise Information Services for the Department of Energy (DOE) Savannah River Operations Office (DOE-SR) at the Savannah River Site (SRS) in Aiken SC. SKT is an AA/EEOC/American Indian Hiring Preference Employer.
Essential Duties and Responsibilities:
Facilitate the planning and response to data audits, by collecting and reviewing all requirements and ensuring the correct information and data are prepared for the ISSM.
Perform penetration testing including system or application vulnerability discovery, research, exploitation, reporting and validation according to the established rules of engagement.
Perform Vulnerability Management support including scanning assigned network space for vulnerabilities, notification to owner and personnel accountable, tracking remediation, reporting and validation.
Perform wireless detection to include unauthorized wi-fi access points or Bluetooth devices.
Perform and or support software validations and assessments as needed
Support Assessments and Authorization activities as the “Certification Agent”.
Supports security activities within SDLC in accordance with DOE CSP and Risk Management Framework.
Supports DOE Oversight function of site tenant systems and cyber security activities.
Assist the Authorizing Official Designated Representative (AODR) and Information System Security managers (ISSM)s in the development and coordination of Computer Security Risk Assessments, Accreditation approvals, certifications, routine auditing of systems and program corrective action validation.
Assist forensic analysis and incident response activities.
Maintains awareness of current cyber security information and events.
Attend meetings, trainings and conferences
Assist the Cyber Security team to develop and conduct Cyber Security Awareness training as needed for the team and customers (i.e. Tech Talks, Cyber Road Shows, Kids Day, Public School Community Outreach Program, etc.)
Assist in developing and continually improving organizational IT and Cyber Security related policies, standards, procedures, guidelines, and other program related documentation
Work in a team environment and performs other duties as assigned by the Cyber Security Team Lead, IT Project Manager, Program Manager or DOE Counterparts.
Serve as the Technical Lead and back up to the Team Lead when needed.
Bachelor's degree in Computer Science, Information Technology or Technical related field, relevant experience may be substituted for bachelor's degree on a year-for-year basis.
Seven (7) years in IT security experience.
Auditing experience is required with the ability to development and coordinate Information Systems Risk Assessments, Accreditation approvals, certifications, routine auditing of systems and program corrective action validation.
Professional certification required: Penetration Testing\Ethical Hacking within 6 months of hire.
Highly desired certifications: CISSP, GIAC Certified Incident Handler (GCIH), GIAC Certified Penetration Tester (GPEN), GIAC Certified Forensic Examiner (GCFE).
Current driver’s license, proof of U.S. citizenship and the ability to satisfy a background investigation to obtain a security clearance.
DOE “Q” or DOD Top Secret Clearance a must.
Strong understanding of Windows and Linux/Unix based Operating Systems, networking (TCP/IP, Ports, Active Directory, DNS and DHCP), switch/Router configuration, and security.
Strong written and verbal communications skills.
Familiarity with applicable regulations affecting Cyber Security and National Institute of Standards and Technology (NIST) 800 Series and the application of those Standards.
Must excel working in team-oriented roles that rely on ability to collaborate with others.
All qualifications, education, and experience listed in the job description must be able to be demonstrated at an appropriate level for the position through evaluation of the resume, testing, and an interview process as appropriate. Meeting of all qualifications, education, and experience requirements will be at the discretion of Human Resources and the Hiring Manager.
Requisition ID: SRCYBERCOMPANY8.3