Cybersecurity Analyst - Richmond, United States - V2X

Description

At V2X, we are making a difference by delivering decision support tools critical for the protection of our forces when threatened by both physical and Chemical, Biological, Radiological, or Nuclear (CBRN) threats.

As an Intermediate Cybersecurity Analyst contracted to support the Integrated Early Warning of Chemical, Biological, Radiological, and Nuclear (CBRN) Sensors project for the Department of Defense (DoD), you will play a vital role in ensuring the security and compliance of software systems critical to national defense. Operating remotely, you will collaborate with senior cybersecurity analysts and development teams to conduct security assessments, analyze vulnerabilities, and implement cybersecurity controls. Your responsibilities will include documenting security findings, incident response activities, and compliance efforts for upload to EMASS (Enterprise Mission Assurance Support Service) in accordance with DoD standards and regulatory requirements.

Major Job Activities:

• Participating in security assessments of software systems and applications throughout the development lifecycle, identifying vulnerabilities, and recommending mitigation strategies.
• Collaborating with senior cybersecurity analysts and development teams to integrate security controls and best practices into the design, development, testing, and deployment phases.
• Assisting in performing threat modeling exercises to identify potential risks and vulnerabilities in software architectures and functionalities.
• Supporting code reviews and conducting static and dynamic analysis to identify security flaws, coding errors, and vulnerabilities.
• Assisting in incident response efforts related to cybersecurity incidents and breaches during test events, conducting forensic investigations, and analyzing root causes.
• Participating in security reviews, audits, and compliance assessments, documenting assessment results and recommendations for remediation.
• Monitoring security alerts and threat intelligence feeds, assisting in analyzing threat intelligence data, and proactively mitigating risks to software systems.
• Assisting in documenting security documentation for upload to EMASS, ensuring accuracy, completeness, and compliance with DoD reporting requirements.
• Collaborating with DoD stakeholders, program managers, and security teams, documenting security requirements, concerns, and resolutions to support the successful delivery of software solutions.

Material & Equipment Directly Used:

Computer, Phone, and basic office materials.

Working Environment:

• Function in an office environment in a stationary position approximately 50 percent of the time or more.
• Must be able to operate standard office equipment, such as a computer, copy machine, and printer.
• Must be able to travel to customer sites and test events to support cybersecurity testing events.

Physical Activities:

Support for cybersecurity testing events in person.

Education / Certifications:

• Bachelor's degree in Computer Science, Information Security, or related field.
• Relevant industry certifications, such as Security+, CySA+, or similar, are preferred.

Clearance Requirement:

Active DoD Secret (or higher) level Security Clearance.

Experience / Skills:

• Demonstrated experience or knowledge in cybersecurity analysis, incident response, and documentation.
• Familiarity with software development methodologies, coding practices, and secure coding principles.
• Basic understanding of DoD cybersecurity policies, standards, and directives, with a willingness to learn and adapt to new requirements.
• Strong analytical and problem-solving skills, with the ability to learn quickly and apply new concepts effectively.
• Good communication and interpersonal skills, with the ability to work collaboratively in a remote team environment.
• Experience working on DoD contracts or within the defense industry is preferred, but not required.
• Commitment to maintaining professionalism, integrity, and confidentiality in handling sensitive information.

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.

Education / Certifications:

• Bachelor's degree in Computer Science, Information Security, or related field.
• Relevant industry certifications, such as Security+, CySA+, or similar, are preferred.

Clearance Requirement:

Active DoD Secret (or higher) level Security Clearance.

Experience / Skills:

• Demonstrated experience or knowledge in cybersecurity analysis, incident response, and documentation.
• Familiarity with software development methodologies, coding practices, and secure coding principles.
• Basic understanding of DoD cybersecurity policies, standards, and directives, with a willingness to learn and adapt to new requirements.
• Strong analytical and problem-solving skills, with the ability to learn quickly and apply new concepts effectively.
• Good communication and interpersonal skills, with the ability to work collaboratively in a remote team environment.
• Experience working on DoD contracts or within the defense industry is preferred, but not required.
• Commitment to maintaining professionalism, integrity, and confidentiality in handling sensitive information.

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.

Major Job Activities:

• Participating in security assessments of software systems and applications throughout the development lifecycle, identifying vulnerabilities, and recommending mitigation strategies.
• Collaborating with senior cybersecurity analysts and development teams to integrate security controls and best practices into the design, development, testing, and deployment phases.
• Assisting in performing threat modeling exercises to identify potential risks and vulnerabilities in software architectures and functionalities.
• Supporting code reviews and conducting static and dynamic analysis to identify security flaws, coding errors, and vulnerabilities.
• Assisting in incident response efforts related to cybersecurity incidents and breaches during test events, conducting forensic investigations, and analyzing root causes.
• Participating in security reviews, audits, and compliance assessments, documenting assessment results and recommendations for remediation.
• Monitoring security alerts and threat intelligence feeds, assisting in analyzing threat intelligence data, and proactively mitigating risks to software systems.
• Assisting in documenting security documentation for upload to EMASS, ensuring accuracy, completeness, and compliance with DoD reporting requirements.
• Collaborating with DoD stakeholders, program managers, and security teams, documenting security requirements, concerns, and resolutions to support the successful delivery of software solutions.

Material & Equipment Directly Used:

Computer, Phone, and basic office materials.

Working Environment:

• Function in an office environment in a stationary position approximately 50 percent of the time or more.
• Must be able to operate standard office equipment, such as a computer, copy machine, and printer.
• Must be able to travel to customer sites and test events to support cybersecurity testing events.

Physical Activities:

Support for cybersecurity testing events in person.