Job   USA   DC   DC Area   Analyst   Cayuse Holdings -

Continuous Diagnostics and Mitigation...

This listing was posted on ApplicantPro.

Continuous Diagnostics and Mitigation (CDM) Vulnerability Analyst/Tanium SME

Location:
Arlington, VA
Description:

Native Hawaiian Veterans, LLC (NHV) is a tribally-owned business; an Underutilized Disadvantaged Business Enterprise (UDBE); and Minority Business Enterprise (MBE) that provides services, solutions, and products in the areas of Homeland Security, Emergency Management, Information Technology, Communication Equipment, Professional Staff Augmentation, Munitions and Explosives of Concern (MEC) Remediation, and Strategic Communications/Creative Services. Cayuse and our family of companies are 100% Indian Small Business Economic Enterprises (ISBEE) wholly owned by the Confederated Tribes of the Umatilla Indian Reservation (CTUIR). Specifically, within our Government Operations, we offer diverse business lines and workforce while providing solutions for federal, state, and local clients throughout the world. Cayuse's comprehensive program management, mission support, and technology solutions are ideally positioned to help our clients advance their goals. Primary Focus Cayuse is seeking a Continuous Diagnostics and Mitigation (CDM) Vulnerability Analyst and Tanium SME to provide support to the Applied Cybersecurity initiative in the Department of State, Bureau of Diplomatic Security. This role encompasses two linked Cybersecurity responsibilities and a variety of information security expertise. This is a highly critical role in documenting the Bureau's Cybersecurity Posture. Primarily the role will focus on developing CDM reporting and software for Department of State that coordinates with data already collected supporting the DHS CDM program. Candidate needs to have information security expertise, produce CDM reports to support vulnerability management described here, as well as Software Security analysis, meets the configuration standards. This hands-on position requires frequent interfacing with development and business teams to create documentation and training; translate policy requirements into day to day operational requirements; ensure compliance with federal regulations; and optimize current Cyber processes to ensure rapid adoption across bureaus and other entities within the Department. Secondarily, one of the key sources of data for this position is data collected through Tanium. The Security analyst needs to use data from Tanium to identify and assess security risks, analyze security data, and develop and implement security strategies to protect an organization's technology infrastructure and data. Other sources of interest for this analysis include Microsoft MECM, MS Defender, Splunk. The second part will include managing Tanium Endpoint Protection. This role requires experience with Tanium architecture, deployment methods, and Tanium appliances. Experience with distributing application and software packages using Tanium. Experience with software discovery and reporting using Tanium. Experience with systems administration, troubleshooting, installation, and configuration, monitoring system performance, or performing application upgrades, which includes either hands-on experience or managerial experience. Knowledge of Tanium module, including Asset, Comply, Connect, Deploy, Discover, and Patch. Ability to provide Tanium support in IT operations and maintenance, including ticketing, issue response, and remediation. Responsibilities Build a threat/situational awareness dashboard for senior executives to have access to CM data Perform continuous monitoring activities Understand and advise on vulnerabilities common to Bureau equipment Upon identification of a vulnerability, advise on impact and on mitigation strategies, and track the follow-through to completion Qualifications: A Bachelors degree in a relevant field of study from a fully accredited institution. (Advanced degree preferred but not required) Must have a minimum of 5 years of Cybersecurity experience (or less with a Masters degree) Experience with vulnerability assessments, vulnerability management, and running dashboards Flexibility and recognition that this is a fast-paced, changing environment Strong communication, organizational, analytical, and problem-solving skills Ability to support and manage multiple concurrent projects with shifting priorities in a fast-paced, deadline driven environment Strong organizational skills Ability to work in a team environment in support of the Bureau's mission Mastery in use of personal computers with extensive experience using Microsoft Office Suite; familiarity with web-based applications including Microsoft Teams a plus Top S ecret Clearance Duties Leverage knowledge of U.S. federal government cyber mandates, directives, standards and industry best practices and threat intelligence in shaping Department policy. Create or establish security standards/baselines for cloud-based platforms Influence the Bureau Architecture with security processes and standards, creating data access and compliance dashboards. Understand and track data dependencies and encryption policies at rest, in transit, how it's used in applications, including data retention and privacy policies with regard to PII collection. Influence Security processes and standards to enhance, automate and monitor security controls in accordance with established Department guidelines Influence a security baseline across platforms. Evolve Bureau policies and practices to reflect changes in technical cyber threats. Assist in the definition and maintenance of cybersecurity policies and standards. Identify key cybersecurity controls required based on an understanding of the agency's cybersecurity risks and business objectives, and considering key threats, client requirements, regulatory requirements, and technology trends. Work closely with the Government Clients and other Stakeholders to ensure collaboration and alignment. Other duties as assigned. Technical Skills: Knowledge, Skills and Abilities Strong knowledge and understanding of information security legal and regulatory requirements a plus. Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework a plus. Professional security management certification strongly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials a plus. Knowledge of Department Foreign Affairs Manuals and Foreign Affairs Handbook (FAM/FAH) a plus. Human Relationship Skills Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards, and risk-related concepts to technical and nontechnical audiences at various hierarchical levels. Sound knowledge of business management and information / cybersecurity policies and standards Additional Abilities Must be able to pass a background check and additional background checks as required by projects and/or clients at any time during employment. Relationships Reports to: Program Manager Working Conditions Normal physical conditions General office environment Must be able to sit for long periods of time looking at computer screen May be asked to work a flexible schedule which may include holidays May be asked to travel for business or professional development purposes May be asked to work hours outside of normal business hours Compensation Comprehensive Benefits Program - Paid-Time-Off Job Posted by ApplicantPro
Company:
Cayuse Holdings
Posted:
August 25 on ApplicantPro
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to ApplicantPro
Important Safety Tips
  • Always meet the employer in person.
  • Avoid sharing sensitive personal and financial information.
  • Avoid employment offers that require a deposit or investment.

To learn more, visit the Safety Center or click here to report this listing.